MailScanner Blacklists

Julian Field MailScanner at
Thu May 8 18:19:52 IST 2008

Paul McEwan wrote:
> OK, everybody has given very useful information this morning
> SMTP AUTH is enabled.  So MailScanner checks before they authenticate, and
> that's why they're getting bounced?
No, MailScanner checks afterwards, but _despite_ they have 
authenticated. MailScanner doesn't know they authenticated, only your 
MTA knows that.
> If so, I'll do as everyone suggests and make SendMail do the checks with a
> carefully selected blacklist
That's the right solution. Make sure you set sendmail to delay-checks as 
otherwise they will be rejected before they have a chance to authenticate.
> -----Original Message-----
> From: mailscanner-bounces at
> [mailto:mailscanner-bounces at] On Behalf Of Steve
> Freegard
> Sent: Thursday, May 08, 2008 11:24 AM
> To: MailScanner discussion
> Subject: Re: MailScanner Blacklists
> Paul McEwan wrote:
>> I've been using MailScanner for the last year or so and it works great.
>> But, spam is always a problem.  I'm using SpamAssassin with MailScanner
> and
>> I recently started using some blacklists.  It greatly reduced the spam,
> but
>> unfortunately, some legitimate email got blocked.  People working remotely
>> could not always send email because they had dynamic ips blocked by the
>> blacklists.  One of the ISPs was Bell South.  Is there some way to get
>> around this problem?
> The 'proper' way to do this would be to use SMTP AUTH for your users 
> when they are roaming or use POP-before-SMTP otherwise.
> Then do all your RBL checking in Sendmail with delay-checks enabled, so 
> that users that have used SMTP AUTH or POP-before-SMTP are then exempt 
> from RBL checks (as they are effectively whitelisted).
>> I'm running RedHat Enterprise Linux 3 with MailScanner 4.60.8-1 and
> SendMail
>> 8.12.11.  I was trying to use the following blacklist setting:
>> Spam List = SORBS-SPAM spamhaus-ZEN NJABL SORBS-DUL
> I don't use the 'Spam List' option in MailScanner and prefer to do this 
> at the SMTP phase, that way you can reduce the load on MailScanner and 
> have the MTA bypass RBL tests for specific users (e.g. AUTH) easily.
> I also wouldn't use SORBS as I've been bitten by their policies in the 
> past e.g. don't be surprised to see Google mail servers in the blacklist 
> and don't be surprised to find static IPs with generic rDNS in the 
> dial-up lists (which is what I suspect the problem was with Bell South).
> Cheers,
> Steve.


Julian Field MEng CITP CEng
Buy the MailScanner book at

MailScanner customisation, or any advanced system administration help?
Contact me at Jules at Jules.FM

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
PGP public key:

This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the MailScanner mailing list