Spam Lists (DNS blocklists) and trusted networks
Hugo van der Kooij
hvdkooij at vanderkooij.org
Sun Aug 3 12:40:07 IST 2008
-----BEGIN PGP SIGNED MESSAGE-----
| If mail is being relayed to my MailScanner server from a MX server
| how do I check RBL's within MailScanner
| Can I specify MailScanner to look inside the headers for checking RBL's
| 1 Hop before the current relay server
| I know It is best to check RBL's at the MTA, but I want to use
| whitelists overriding RBL checks. That is why I moved the RBL checks to
| MailScanner from the MTA
This reminds me a bit of a nice feature in the Barracuda units.
They have a configuration option called "Trusted forwarders".
It is intended to be filled with backup servers that are not under the
control of the admin of the Barracuda.
In effect messages being forwarded via the backup server(s) are being
inspected a bit differently. More in the sense of "Suppose the message
had been send directly to the Barracuda instead of the backup server.
Would it have been accepted?"
So if a message is receive from a backup server the Received: headers
are inspected. If that message would have been blocked on the MTA level
on the Barracuda. Then the IP adres from the sender will still result in
a block on the Barracuda.
I have not read the code on how it is done but I think quite a few
people could use a similar option in their $MTA/MailScanner setup.
I think I would prefer to handle this on the $MTA level but I am not
sure that is at all possible.
If someone can think of a way to add this to MailScanner as an option we
could increase the amount of spam we can kill.
hvdkooij at vanderkooij.org http://hugo.vanderkooij.org/
PGP/GPG? Use: http://hugo.vanderkooij.org/0x58F19981.asc
>Q: Are you sure?
>>A: Because it reverses the logical flow of conversation.
>>>Q: Why is top posting frowned upon?
Bored? Click on http://spamornot.org/ and rate those images.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
-----END PGP SIGNATURE-----
More information about the MailScanner