MailScanner Blacklists

[Steve Freegard]

Paul McEwan wrote:
> I've been using MailScanner for the last year or so and it works great.
> But, spam is always a problem.  I'm using SpamAssassin with MailScanner and
> I recently started using some blacklists.  It greatly reduced the spam, but
> unfortunately, some legitimate email got blocked.  People working remotely
> could not always send email because they had dynamic ips blocked by the
> blacklists.  One of the ISPs was Bell South.  Is there some way to get
> around this problem?

The 'proper' way to do this would be to use SMTP AUTH for your users 
when they are roaming or use POP-before-SMTP otherwise.

Then do all your RBL checking in Sendmail with delay-checks enabled, so 
that users that have used SMTP AUTH or POP-before-SMTP are then exempt 
from RBL checks (as they are effectively whitelisted).

> I'm running RedHat Enterprise Linux 3 with MailScanner 4.60.8-1 and SendMail
> 8.12.11.  I was trying to use the following blacklist setting:
> 
> Spam List = SORBS-SPAM spamhaus-ZEN spamcop.net NJABL SORBS-DUL

I don't use the 'Spam List' option in MailScanner and prefer to do this 
at the SMTP phase, that way you can reduce the load on MailScanner and 
have the MTA bypass RBL tests for specific users (e.g. AUTH) easily.

I also wouldn't use SORBS as I've been bitten by their policies in the 
past e.g. don't be surprised to see Google mail servers in the blacklist 
and don't be surprised to find static IPs with generic rDNS in the 
dial-up lists (which is what I suspect the problem was with Bell South).

Cheers,
Steve.