Problem with Iphones

Alex Neuman alex at rtpty.com
Wed Sep 22 17:05:18 IST 2010


You're using sendmail.

Find cfhead.m4 - should be in /usr/share/sendmail-cf/m4 if you're using CentOS.

Look for the line (on or near line 274) that says:
define(`confRECEIVED_HEADER', `_REC_HDR_

This is where the header is defined. The next line reads:
        _REC_AUTH_$?{auth_ssf} bits=${auth_ssf}$.)

Change it to:
        _REC_FULL_AUTH_$?{auth_ssf} YOURTOKEN bits=${auth_ssf}$.)

The REC_FULL_AUTH will give you a better idea of the username that authenticated - not just *the fact that the user did authenticate*.

The YOURTOKEN would be something that's not obviously "your token" so it doesn't get picked up by spammers. This is what we'll look for using SA.

Find your local.cf for spamassassin. This should be in /etc/mail/spamassassin. Go to the end and add:

header YOURTOKEN ALL =~ /YOURTOKEN/
score YOURTOKEN -100

This is crude, but effective. Spoofable, since "YOURTOKEN" will obviously be something someone could insert into their own headers - but I doubt it's practical for most spammers.

Let me know how that works out for you. Works for me, YMMV, if you break it you get to keep all the pieces.

On Sep 22, 2010, at 10:26 AM, Phil Udel wrote:

> That would be great. 
> I have think I have the Auth setup. How do I do the "custom header into
> authenticated users" ?
> 
> Test of Auth
> 250-mail.salemcorp.com Hello localhost.localdomain [127.0.0.1], pleased to
> meetu
> 250-ENHANCEDSTATUSCODES
> 250-PIPELINING
> 250-8BITMIME
> 250-SIZE
> 250-DSN
> 250-AUTH DIGEST-MD5 CRAM-MD5
> 250-DELIVERBY
> 250 HELP
> 
> -----Original Message-----
> From: mailscanner-bounces at lists.mailscanner.info
> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Alex Neuman
> Sent: Wednesday, September 22, 2010 11:03 AM
> To: MailScanner discussion
> Subject: Re: Problem with Iphones
> 
> The problem is not with the iPhones.
> 
> The problem lies with the fact that you're not using AUTH when nowadays it's
> absolutely necessary.
> 
> You need to use AUTH, and SPF with hardfail as well. I also insert a custom
> header into authenticated users' e-mails so that SpamAssassin will score a
> -100 on them, and that helps a lot.
> 
> On Sep 22, 2010, at 9:46 AM, Phil Udel wrote:
> 
>> HI, I am a long time user of Sendmail and Mailscanner but I have hit a
> problem that I cant seem to find a solution for.  Currently I am using the
> latest version of everything on a centos 5.1 sandbox.
>> 
>> 
>> Problem Description:
>> I have some Apple Iphones that the users want to Send/Replay Email
> directly with my mail server.  I do not use Auth, but I am looking into
> using that to solve relay problem.
>> The problem that I am not sure that Auth will fix is the high spam score
> Iphones get.
>> Almost all the Iphone seem to hit  most, if not all of the rules:
>> RDNS_DYNAMIC
>> RCVD_IN_PBL
>> MIME_QP_LONG_LINE
>> 
>> I don't want to lower the rule scores because they do a good job of
> stopping alot of Dynamic spam.
>> I cant whitelist the IP or domain  example
> (mobile-166-137-011-147.mycingular.net) because the IP is different every
> time, and whitlisting mycingular.net is  a bad idea.
>> 
>> 
>> If I set up Auth will Spamassasn still score it high?  I believe it would.
>> If I use Auth will that get a  ALL_TRUSTED Value that I can use to Lower
> the score?  
>> 
>> As Always MY Life and job hang in the balance on this issue, since one 
>> of the Ipones belongs to the owner of the company. :P
>> 
>> 
>> --
>> MailScanner mailing list
>> mailscanner at lists.mailscanner.info
>> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>> 
>> Before posting, read http://wiki.mailscanner.info/posting
>> 
>> Support MailScanner development - buy the book off the website! 
> 
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
> 
> Before posting, read http://wiki.mailscanner.info/posting
> 
> Support MailScanner development - buy the book off the website! 
> 
> -- 
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
> 
> Before posting, read http://wiki.mailscanner.info/posting
> 
> Support MailScanner development - buy the book off the website! 



More information about the MailScanner mailing list