RBL and trusted users from blacklisted IP addresses
Logan Shaw
lshaw at emitinc.com
Wed Aug 2 20:57:54 IST 2006
On Wed, 2 Aug 2006, ewr at erols.com wrote:
> This is probably as much of a sendmail question as a mailscanner question,
> but I figured I'd start here.
>
> My mail server is set up to use pop-before-smtp for authentication. When a
> user pops their email from the server, the IP address that they are checking
> their mail from gets added to sendmail's access.db for 10 minutes. It is
> inserted into the file as "<ip> RELAY".
>
> I am using mailscanner/spamassassin to scan all incoming mails.
> "Spam List = OORDB-RBL SBL+XBL" is set in mailscanner.conf
>
> My users are spread out around the country and connect to the internet from
> constantly changing locations. Most of the time everything works great.
>
> The problem I am occassionally running into is that my users will
> occassionally try to send email from a black-listed IP address.
One simple solution to this is to set up sendmail to listen
on port 587, the mail submission port. The users would then
connect to port 587 and do authenticated SMTP. You can then
set up a separate sendmail instance to listen on this port and
bypass the MailScanner queue entirely. If the users are doing
authentication, there is little need to worry about spam.
The only problem might be protecting machines from viruses
spreading *from* your users' machines. Whether that's going
to be an issue you need to worry about depends on your users.
- Logan
More information about the MailScanner
mailing list