MailScanner at ecs.soton.ac.uk
Thu May 8 18:19:52 IST 2008
Paul McEwan wrote:
> OK, everybody has given very useful information this morning
> SMTP AUTH is enabled. So MailScanner checks before they authenticate, and
> that's why they're getting bounced?
No, MailScanner checks afterwards, but _despite_ they have
authenticated. MailScanner doesn't know they authenticated, only your
MTA knows that.
> If so, I'll do as everyone suggests and make SendMail do the checks with a
> carefully selected blacklist
That's the right solution. Make sure you set sendmail to delay-checks as
otherwise they will be rejected before they have a chance to authenticate.
> -----Original Message-----
> From: mailscanner-bounces at lists.mailscanner.info
> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Steve
> Sent: Thursday, May 08, 2008 11:24 AM
> To: MailScanner discussion
> Subject: Re: MailScanner Blacklists
> Paul McEwan wrote:
>> I've been using MailScanner for the last year or so and it works great.
>> But, spam is always a problem. I'm using SpamAssassin with MailScanner
>> I recently started using some blacklists. It greatly reduced the spam,
>> unfortunately, some legitimate email got blocked. People working remotely
>> could not always send email because they had dynamic ips blocked by the
>> blacklists. One of the ISPs was Bell South. Is there some way to get
>> around this problem?
> The 'proper' way to do this would be to use SMTP AUTH for your users
> when they are roaming or use POP-before-SMTP otherwise.
> Then do all your RBL checking in Sendmail with delay-checks enabled, so
> that users that have used SMTP AUTH or POP-before-SMTP are then exempt
> from RBL checks (as they are effectively whitelisted).
>> I'm running RedHat Enterprise Linux 3 with MailScanner 4.60.8-1 and
>> 8.12.11. I was trying to use the following blacklist setting:
>> Spam List = SORBS-SPAM spamhaus-ZEN spamcop.net NJABL SORBS-DUL
> I don't use the 'Spam List' option in MailScanner and prefer to do this
> at the SMTP phase, that way you can reduce the load on MailScanner and
> have the MTA bypass RBL tests for specific users (e.g. AUTH) easily.
> I also wouldn't use SORBS as I've been bitten by their policies in the
> past e.g. don't be surprised to see Google mail servers in the blacklist
> and don't be surprised to find static IPs with generic rDNS in the
> dial-up lists (which is what I suspect the problem was with Bell South).
Julian Field MEng CITP CEng
Buy the MailScanner book at www.MailScanner.info/store
MailScanner customisation, or any advanced system administration help?
Contact me at Jules at Jules.FM
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
PGP public key: http://www.jules.fm/julesfm.asc
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the MailScanner