RBL and trusted users from blacklisted IP addresses

Steve Freegard steve.freegard at fsl.com
Wed Aug 2 19:10:25 IST 2006


Hi Eric,

ewr at erols.com wrote:
> This is probably as much of a sendmail question as a mailscanner question,
> but I figured I'd start here.
> 
> My mail server is set up to use pop-before-smtp for authentication.  When a
> user pops their email from the server, the IP address that they are checking
> their mail from gets added to sendmail's access.db for 10 minutes.  It is
> inserted into the file as "<ip> RELAY".
> 
> I am using mailscanner/spamassassin to scan all incoming mails.
> "Spam List = OORDB-RBL SBL+XBL" is set in mailscanner.conf

Why not move the RBL checks from MailScanner into Sendmail?? -- this 
will reduce the load on your system as black listed host connections 
will be rejected with a 5xx SMTP error which is cheaper than 
MailScanner+SpamAssassin.  You will need to modify the POP before SMTP 
script to write to the access.db in the format 'Connect:ip.add.re.ss 
RELAY' to allow the bypass of the RBL checks for POP before SMTP users 
though, and you might want to think about setting 
FEATURE(`delay_checks') too.

This will stop MailScanner marking the message with {Spam?} if the 
client appears on an RBL -- but it might just move the problem into 
SpamAssassin as it will probably get scored accordingly, you'll have to 
try and see.

> #2) Is there a way to check the IP against a dynamic white-list and mark it
> as non-spam no matter what?  I can probably update our pop-before-smtp to
> update another whitelist.

You could create a CustomFunction on the 'Spam Checks' setting which 
looks up entries in the access.db and returns 'No' if the 
$message->{clientip} key exists with a RELAY value.

Kind regards,
Steve.

--
Steve Freegard
Development Director
Fort Systems Ltd.


More information about the MailScanner mailing list