MailScanner Blacklists

Thu May 8 18:19:52 IST 2008

Paul McEwan wrote:
> OK, everybody has given very useful information this morning
>
> SMTP AUTH is enabled.  So MailScanner checks before they authenticate, and
> that's why they're getting bounced?
>   
No, MailScanner checks afterwards, but _despite_ they have 
authenticated. MailScanner doesn't know they authenticated, only your 
MTA knows that.
> If so, I'll do as everyone suggests and make SendMail do the checks with a
> carefully selected blacklist
>   
That's the right solution. Make sure you set sendmail to delay-checks as 
otherwise they will be rejected before they have a chance to authenticate.
>
> -----Original Message-----
> From: mailscanner-bounces at lists.mailscanner.info
> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Steve
> Freegard
> Sent: Thursday, May 08, 2008 11:24 AM
> To: MailScanner discussion
> Subject: Re: MailScanner Blacklists
>
> Paul McEwan wrote:
>   
>> I've been using MailScanner for the last year or so and it works great.
>> But, spam is always a problem.  I'm using SpamAssassin with MailScanner
>>     
> and
>   
>> I recently started using some blacklists.  It greatly reduced the spam,
>>     
> but
>   
>> unfortunately, some legitimate email got blocked.  People working remotely
>> could not always send email because they had dynamic ips blocked by the
>> blacklists.  One of the ISPs was Bell South.  Is there some way to get
>> around this problem?
>>     
>
> The 'proper' way to do this would be to use SMTP AUTH for your users 
> when they are roaming or use POP-before-SMTP otherwise.
>
> Then do all your RBL checking in Sendmail with delay-checks enabled, so 
> that users that have used SMTP AUTH or POP-before-SMTP are then exempt 
> from RBL checks (as they are effectively whitelisted).
>
>   
>> I'm running RedHat Enterprise Linux 3 with MailScanner 4.60.8-1 and
>>     
> SendMail
>   
>> 8.12.11.  I was trying to use the following blacklist setting:
>>
>> Spam List = SORBS-SPAM spamhaus-ZEN spamcop.net NJABL SORBS-DUL
>>     
>
> I don't use the 'Spam List' option in MailScanner and prefer to do this 
> at the SMTP phase, that way you can reduce the load on MailScanner and 
> have the MTA bypass RBL tests for specific users (e.g. AUTH) easily.
>
> I also wouldn't use SORBS as I've been bitten by their policies in the 
> past e.g. don't be surprised to see Google mail servers in the blacklist 
> and don't be surprised to find static IPs with generic rDNS in the 
> dial-up lists (which is what I suspect the problem was with Bell South).
>
> Cheers,
> Steve.
>   

Jules

-- 
Julian Field MEng CITP CEng
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store

MailScanner customisation, or any advanced system administration help?
Contact me at Jules at Jules.FM

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
PGP public key: http://www.jules.fm/julesfm.asc

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.