Anyone using MIMEDefang w/MailScanner to verify TO: address is valid

Hugo van der Kooij hvdkooij at vanderkooij.org
Fri Oct 5 13:40:39 IST 2007 

On Fri, 5 Oct 2007, Hugo van der Kooij wrote:

> On Fri, 5 Oct 2007, Gareth wrote:
>
>>  What mail software are you using?
>>  If its Postfix you can use recipient verification.
>>
>>  You might also want to consider using a RBL such as Spamhaus on the mail
>>  server. We do and we reject well over 75% of spam before it is accepted
>>  which reduces the load on MailScanner considerably.
>
> Mind you that spamhaus will not work everywhere. Some networks are shut off 
> due to too much traffic to spamhaus. So test this before you activate it.

Here is a simple receipe for testing a RBL manually.

Pick your own public IP address. Say: 82.95.223.25
Pick your RBL you want to test. Say: zen.spamhaus.org

Then test it with dig (you do run a caching name server on you system, 
don't you?):

dig 25.223.95.82.zen.spamhaus.org a


This should give you an answer almost instantly like:

; <<>> DiG 9.3.3rc2 <<>> 25.223.95.82.zen.spamhaus.org a
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30063
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;25.223.95.82.zen.spamhaus.org. IN      A

;; AUTHORITY SECTION:
zen.spamhaus.org.       461     IN      SOA     need.to.know.only. 
hostmaster.spamhaus.org. 2007100549 3600 600 432000 900

;; Query time: 5 msec
;; SERVER: 84.244.176.5#53(84.244.176.5)
;; WHEN: Fri Oct  5 14:31:46 2007
;; MSG SIZE  rcvd: 111


If you hit a blacklisted IP your response would contain lines like:

;; QUESTION SECTION:
;187.227.153.83.zen.spamhaus.org. IN    A

;; ANSWER SECTION:
187.227.153.83.zen.spamhaus.org. 1800 IN A      127.0.0.4
187.227.153.83.zen.spamhaus.org. 1800 IN A      127.0.0.11


If your reply is not there in a second you may need to fix your DNS server 
or you may be trying a bad RBL.

OT: I have seen horrible things happen with the new 3.5 firmware on 
Barracuda hardware so I am rather keen on checking DNS issues manually 
these days on any email system.

Hugo.

PS: I know many of you know this already but it is always good to have 
this tidbit documented in the context of MailScanner for future 
references.

-- 
 	hvdkooij at vanderkooij.org	http://hugo.vanderkooij.org/
 	    This message is using 100% recycled electrons.

 	Some men see computers as they are and say "Windows"
 	I use computers with Linux and say "Why Windows?"
 	(Thanks JFK, for this quote of George Bernard Shaw.)

More information about the MailScanner mailing list