RBL checks not being done?

Richard Lynch rich at MAIL.WVNET.EDU
Thu Sep 16 16:31:48 IST 2004


<x-flowed>
Matt Kehler wrote:

>>>>mailscanner at ECS.SOTON.AC.UK 09/16/04 09:15AM >>>
>>>>
>>>>
>At 14:26 16/09/2004, you wrote:
>
>
>>I have 2 seemingly identical servers running MS 4.24-5.  I have Spam List =
>>ORDB-RBL SBL+XBL in the config for both.  Only one is using it. The other
>>server's maillog never shows anything pertaining to RBL whatsoever.
>>Everything else seems to work fine.
>>
>>
>
>
>
>>Have you checked they both have these 2 defined in spam.lists.conf?
>>Is the /etc/resolv.conf on both machines the same, and the /etc/nsswitch.conf?
>>Is all other DNS working the same on the 2 machines?
>>--
>>Julian Field
>>the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
>>
>>
>
>Both spam.lists.conf are identical.  Servers are configured the same DNS wise (same resolv.conf, nsswitch.conf, etc).  Everything else on the 2nd server other than the RBL function is working (ie, spamassassin, bayes, etc)
>
>Matt
>
>

I'm having a similar problem on my test system.  I, obviously, use the
test system for new versions or significant configuration changes.
Generally, I use a .forward file on my mail server (imap) user and
forward mail to myself and then to my test id on the MS test system --
that way I get mail in both places.   When I was moving from MS doing
all the RBL checks to Spamassassin doing all the RBL checks, mail would
pass through MS on the gateway to my mail server and then get forwarded
to MS on the test box and my test id there.  On the test system I would
get two Spamassassin reports in the mail headers
(X-MailScanner-SpamCheck).  The first report was from the production
system, which did the RBL checks in MS, and the second report was from
the test system with SA doing the RBL checks.  That worked great and I
could compare the results of the two different configurations.

Last weekend I changed the prod systems to do all of the RBL checks in
SA.  I changed the test system back to the old way where MS did RBL
checks and SA did not.  It's a pretty simple configuration change and
I'm reasonably sure it's correct.  I did this so I could continue to
compare results and make sure my change to SA doing RBLs had the desired
effect.  However, now the test system never does an RBL check even
though it's configured to do them.  I've wondered if MS decided not to
do RBL checks because the message already contained MS headers from the
initial scan on the production system.  Is that perhaps the reason MS is
not doing RBL checks even though I've configured it to do them?  I have
no idea.  Here's an example of the SpamCheck header.

  X-MailScanner-SpamCheck: spam, SpamAssassin (score=20.9, required 6,
        autolearn=spam, BAYES_99 5.40, DCC_CHECK 2.91, HTML_FONT_BIG 0.27,
        HTML_MESSAGE 0.10, MIME_HTML_ONLY 0.32, MIME_HTML_ONLY_MULTI 1.10,
        MSGID_FROM_MTA_HEADER 0.70, RCVD_IN_BL_SPAMCOP_NET 1.50,
        RCVD_IN_DYNABLOCK 1.50, RCVD_IN_SORBS 0.10, SPAMCOP_URI_RBL 3.50,
        WS_URI_RBL 3.50), spam, SpamAssassin (score=12.4, required 5,
        DCC_CHECK 2.91, HTML_FONT_BIG 0.27, HTML_MESSAGE 0.10,
        MIME_HTML_ONLY 0.32, MIME_HTML_ONLY_MULTI 1.10,
        MSGID_FROM_MTA_HEADER 0.70, SPAMCOP_URI_RBL 3.50, WS_URI_RBL 3.50)

Note that the first report from the prod system shows SA is getting RBL
hits.  The second report (test system) shows no RBL hits from SA or MS.
I do have the surbl stuff installed on both systems so the second report
does show those.  Perhaps this message isn't a good example -- I'm not
certain.  But I can say that I never get a MS RBL hit on the test
system.  I've triple checked the configs and I don't understand why.
The config differences are fairly simple.  On the prod systems in
MailScanner.conf I set "Spam List =" with an empty list.  On the test
system this setting points to a ruleset which contains...

FromOrTo:       default         ORDB-RBL spamcop.net NJABL SBL+XBL
SORBS-DNSBL

The other change is in /etc/MailScanner/spam.assassin.prefs.conf.  On
the test system I have "skip_rbl_checks 1" and on the prod system I have
"skip_rbl_checks 0".  That's pretty much it.  I also upped the spam
score on the prod system to 6.

Sorry for the long winded description.  I just don't understand why MS
on the test system never does an RBL check even though it's configured
to do them.  I've assumed it has something to do with the MS headers
that are already there from the production system.

-- Rich

--



------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
</x-flowed>



More information about the MailScanner mailing list