RBL Checks within mailscanner - no spam scanning

Wed Jul 6 18:59:43 UTC 2016

Virus Scanning = yes 

Spam checks = yes

Spam List =  spamhaus-ZEN spamhaus.org spamhaus-XBL RATS NJABL spamcop.net             CBL BARRACUDA                JustSpam UCEPROTECT

Spam List To Be Spam = 2

Spam List to Reach High Score = 3

Use Spamassassin = no 

Jorge Arenas

From: MailScanner [mailto:mailscanner-bounces+jorgeaaq=gmail.com at lists.mailscanner.info] On Behalf Of Martin Hepworth
Sent: miércoles, 6 de julio de 2016 01:07 p. m.
To: MailScanner Discussion <mailscanner at lists.mailscanner.info>
Subject: Re: RBL Checks within mailscanner - no spam scanning

Sure its possible and you can set to a min. Number of rbls before its marked as spam

but why is the client asking for this? Seems like youve got a solution to a problem but whats the problem?

On Wed, 6 Jul 2016 at 18:13, Peter Lemieux <mailscanner at replies.cyways.com <mailto:mailscanner at replies.cyways.com> > wrote:

I prefer to let SpamAssassin do the RBL checks since they give the different
RBLs varying weights.  Using a milter or some other method requires you to
make a yes or no decision during the SMTP exchange.  Leaving it to SA lets
you put the RBL results into a bigger context.

However your client's request might work better at the SMTP level though
since they only want to use blacklists.  So you could use some form of
milter with your mail exchanger (sendmail, Postfix, exim, etc.) and turn off
spam scanning in MailScanner altogether.

Alternatively, you could put a copy of /usr/share/spamassassin/72_scores.cf <http://72_scores.cf> 
in /etc/mail/spamassassin and set all the scores to zero except for the
RBL-related ones.  Then you can let MailScanner invoke SpamAssassin and only
the RBL scores will apply.

I definitely agree with Kevin that bouncing either spam or viruses back to
their alleged "senders" is a bad idea. You'll just flood your outbound mail
queue with undeliverable messages directed to bogus spamming accounts.

Peter

On 07/06/2016 12:43 PM, Kevin Miller wrote:
> You don’t want to bounce mail from w/in MailScanner – so much of it (close
> to all I’d wager) has a forged from address and/or envelope sender address
> that the bounce will end up going to someone that had nothing to do with the
> spam.  That’s a good way to get yourself blacklisted.  An old trick of
> spammers is to send to bogus addresses with a good from address.  The spam
> is bounced to the from address who is the real target, disguised as a
> non-delivery report.  Pretty sleazy.
>
> The proper way is to reject at the MTA rather than in MailScanner, as that
> deals directly with the sending server.
>
> ...Kevin
>
> --
>
> Kevin Miller
>
> Network/email Administrator, CBJ MIS Dept.
>
> 155 South Seward Street
>
> Juneau, Alaska 99801
>
> Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User No: 307357
>
> *From:*MailScanner
> [mailto:mailscanner-bounces+kevin.miller <mailto:mailscanner-bounces%2Bkevin.miller> =juneau.org at lists.mailscanner.info <mailto:juneau.org at lists.mailscanner.info> ]
> *On Behalf Of *Richard Mealing
> *Sent:* Wednesday, July 06, 2016 7:57 AM
> *To:* MailScanner discussion (mailscanner at lists.mailscanner.info <mailto:mailscanner at lists.mailscanner.info> )
> *Subject:* RBL Checks within mailscanner - no spam scanning
>
> Hi everyone,
>
> I have a request from a client who wants to see all the RBL checks within
> mailscanner, but they don’t want to do any SA spam scanning, just AV scanning.
>
> Is this possible?
>
> I’ve never done RBL checks on mailscanner before. I’m wondering how it
> works. I read somewhere that is quarantines the emails, is that correct? Is
> there any way to bounce the emails back to the sender?
>
> Thanks,
>
> Rich
>
>
>
>
>

--
MailScanner mailing list
mailscanner at lists.mailscanner.info <mailto:mailscanner at lists.mailscanner.info> 
http://lists.mailscanner.info/listinfo/mailscanner

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mailscanner.info/pipermail/mailscanner/attachments/20160706/5193c8d1/attachment.html>