[qmailtoaster] Re: Mail issue

[Eric Shubert]

On 03/31/2012 10:28 PM, Délsio Cabá wrote:

Hi,

#reject-empty-rdns
#reject-ip-in-cc-rdns
reject-missing-sender-mx
#reject-unresolvable-rdns


These 3 that you have commented out are quite effective filters. I would 
use empty and unresolvable filters unquestionably. I believe gmail does 
this as well, although I'm not positive on that.


ip-in-cc is a reportedly a little more specialized. IIRC Sam mentioned 
that this may not be as appropriate in (non-US) settings, although I'm 
not convinced. I use it and don't have a problem receiving international 
emails, although I don't receive a lot of them.


--
-Eric 'shubes'


-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
   Vickers Consulting Group offers Qmailtoaster support and installations.
 If you need professional help with your setup, contact them today!
-
Please visit qmailtoaster.com for the latest news, updates, and packages.

 To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com

For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] Re: Mail issue

[Eric Shubert]

On 04/01/2012 07:51 AM, Eric Shubert wrote:

On 03/31/2012 10:28 PM, Délsio Cabá wrote:

Hi,

#reject-empty-rdns
#reject-ip-in-cc-rdns
reject-missing-sender-mx
#reject-unresolvable-rdns


These 3 that you have commented out are quite effective filters. I would
use empty and unresolvable filters unquestionably. I believe gmail does
this as well, although I'm not positive on that.

ip-in-cc is a reportedly a little more specialized. IIRC Sam mentioned
that this may not be as appropriate in (non-US) settings, although I'm
not convinced. I use it and don't have a problem receiving international
emails, although I don't receive a lot of them.



Also meant to mention that reject-missing-sender-mx doesn't hurt, but I 
think that filter is being done by chkuser as well. Unless of course you 
have chkuser turned off. I put it in spamdyke's configuration commented 
out by default mainly to remind me that it can be done here as well as 
in chkuser. To be honest, I wouldn't mind seeing more of chkuser's 
functionality implemented in spamdyke. Options are much easier to 
configure there.


--
-Eric 'shubes'


-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
   Vickers Consulting Group offers Qmailtoaster support and installations.
 If you need professional help with your setup, contact them today!
-
Please visit qmailtoaster.com for the latest news, updates, and packages.

 To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com

For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] Re: Mail issue

[Eric Shubert]

On 04/01/2012 08:43 AM, Khan Mohamed Ashraf wrote:

In reply to Bharat Chari's statement "Airtel, unfortunately is amongst
the top 5 spambot networks in the world". I agree. But I would not lay
the entire blame on Airtel alone.
The reason so many spambots are hosted on these networks is the low and
could not care 2 hoots about my machine being infected attitude of users
that leads to this. Educating users to be proactive about protecting
their computing environment (mostly one dominant OS) from infiltration
and hijack is a must. Major Indian ISP's such as Airtel should also
participate in the efforts to take down the command and control centers
of these spambot networks.


Perhaps someone should attempt to persuade Airtel to block outbound port 
25 traffic from their dhcp and/or residential subscribers that's not 
destined to their smtp servers. This is what Cox (cable) and Centurylink 
(DSL) both do in this area. I think doing so goes a long way toward 
thwarting infected machines.


Personally, I use a perimeter firewall to block any outbound port 25 
traffic that doesn't originate from my QMT host. This keeps unauthorized 
email from going out on an IP address which also services user internet 
access.


--
-Eric 'shubes'


-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
   Vickers Consulting Group offers Qmailtoaster support and installations.
 If you need professional help with your setup, contact them today!
-
Please visit qmailtoaster.com for the latest news, updates, and packages.

 To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com

For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] Re: Mail issue

[Eric Shubert]

On 04/01/2012 10:55 AM, Délsio Cabá wrote:

I must agree that the options:
#reject-empty-rdns
#reject-ip-in-cc-rdns
reject-missing-sender-mx
#reject-unresolvable-rdns

are very useful for blocking spam, but unfortunately I keep having
complains from some clients that emails were not coming in. I fould out
that some mail server don't even have reverse Ip configured and others
have but the reverse name had not A Records.
So I decided to disable reject-empty-rdns and reject-unresolvable-rdns.


I haven't seen that many that are misconfigured. In some cases the 
domain has moved to another host which is not quite configured correctly 
yet.


I ask my customers for the domain(s) that are being blocked, and explain 
to them that gmail is blocking email from that domain as well. Then I 
attempt to contact the admin and let them know what the problem is, and 
whitelist the domain in spamdyke.


I'm simply not willing to forgo the advantages these filters give 
everyone else due to a few lame brained mail admins. To each his own though.



So I rely only in RBL.
What's the differente between dns-blacklist-entry=sbl-xbl.spamhaus.org
 and
dns-blacklist-entry=sbl-xbl.spamhaus.org 
and |check-dnsrbl=|sbl-xbl.spamhaus.org  ?


Check with spamhaus.org on that. They have several lists.

--
-Eric 'shubes'


-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
   Vickers Consulting Group offers Qmailtoaster support and installations.
 If you need professional help with your setup, contact them today!
-
Please visit qmailtoaster.com for the latest news, updates, and packages.

 To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com

For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Re: Mail issue

[Maxwell Smart]

  
  


On 04/01/2012 09:07 AM, Eric Shubert wrote:
On
  04/01/2012 08:43 AM, Khan Mohamed Ashraf wrote:
  
  In reply to Bharat Chari's statement
"Airtel, unfortunately is amongst

the top 5 spambot networks in the world". I agree. But I would
not lay

the entire blame on Airtel alone.

The reason so many spambots are hosted on these networks is the
low and

could not care 2 hoots about my machine being infected attitude
of users

that leads to this. Educating users to be proactive about
protecting

their computing environment (mostly one dominant OS) from
infiltration

and hijack is a must. Major Indian ISP's such as Airtel should
also

participate in the efforts to take down the command and control
centers

of these spambot networks.

  
  
  Perhaps someone should attempt to persuade Airtel to block
  outbound port 25 traffic from their dhcp and/or residential
  subscribers that's not destined to their smtp servers. This is
  what Cox (cable) and Centurylink (DSL) both do in this area. I
  think doing so goes a long way toward thwarting infected machines.
  
  
  Personally, I use a perimeter firewall to block any outbound port
  25 traffic that doesn't originate from my QMT host. This keeps
  unauthorized email from going out on an IP address which also
  services user internet access.
  
  

This is way beyond the scope of the average user.  My father for
instance could never on his own block port 25 traffic.  He use to
have a Windows box and recently upgraded.  I built him a Linux box
and it seems to have stopped any Malware problems he was having.

-- 
  
  

Re: [qmailtoaster] Re: Mail issue

[Délsio Cabá]

I must agree that the options:
#reject-empty-rdns
#reject-ip-in-cc-rdns
reject-missing-sender-mx
#reject-unresolvable-rdns

are very useful for blocking spam, but unfortunately I keep having
complains from some clients that emails were not coming in. I fould out
that some mail server don't even have reverse Ip configured and others have
but the reverse name had not A Records.
So I decided to disable reject-empty-rdns and reject-unresolvable-rdns.

As for reject-ip-in-cc-rdns I really don't any advantage to have this
enabled.

So I rely only in RBL.
What's the differente between dns-blacklist-entry=sbl-xbl.spamhaus.org and
dns-blacklist-entry=sbl-xbl.spamhaus.org and check-dnsrbl=
sbl-xbl.spamhaus.org ?


Any other suggestions?

On 1 April 2012 18:26, Maxwell Smart  wrote:

>
>
> On 04/01/2012 09:07 AM, Eric Shubert wrote:
>
> On 04/01/2012 08:43 AM, Khan Mohamed Ashraf wrote:
>
> In reply to Bharat Chari's statement "Airtel, unfortunately is amongst
> the top 5 spambot networks in the world". I agree. But I would not lay
> the entire blame on Airtel alone.
> The reason so many spambots are hosted on these networks is the low and
> could not care 2 hoots about my machine being infected attitude of users
> that leads to this. Educating users to be proactive about protecting
> their computing environment (mostly one dominant OS) from infiltration
> and hijack is a must. Major Indian ISP's such as Airtel should also
> participate in the efforts to take down the command and control centers
> of these spambot networks.
>
>
> Perhaps someone should attempt to persuade Airtel to block outbound port
> 25 traffic from their dhcp and/or residential subscribers that's not
> destined to their smtp servers. This is what Cox (cable) and Centurylink
> (DSL) both do in this area. I think doing so goes a long way toward
> thwarting infected machines.
>
> Personally, I use a perimeter firewall to block any outbound port 25
> traffic that doesn't originate from my QMT host. This keeps unauthorized
> email from going out on an IP address which also services user internet
> access.
>
>  This is way beyond the scope of the average user.  My father for instance
> could never on his own block port 25 traffic.  He use to have a Windows box
> and recently upgraded.  I built him a Linux box and it seems to have
> stopped any Malware problems he was having.
>
> --
>
<>

Re: [qmailtoaster] Re: Mail issue

[Bharath Chari]

On Monday 02 April 2012 04:55 AM, Eric Shubert wrote:

On 04/01/2012 10:55 AM, Délsio Cabá wrote:

I must agree that the options:
#reject-empty-rdns
#reject-ip-in-cc-rdns
reject-missing-sender-mx
#reject-unresolvable-rdns

are very useful for blocking spam, but unfortunately I keep having
complains from some clients that emails were not coming in. I fould out
that some mail server don't even have reverse Ip configured and others
have but the reverse name had not A Records.
So I decided to disable reject-empty-rdns and reject-unresolvable-rdns.


I haven't seen that many that are misconfigured. In some cases the 
domain has moved to another host which is not quite configured 
correctly yet.


I ask my customers for the domain(s) that are being blocked, and 
explain to them that gmail is blocking email from that domain as well. 
Then I attempt to contact the admin and let them know what the problem 
is, and whitelist the domain in spamdyke.


I'm simply not willing to forgo the advantages these filters give 
everyone else due to a few lame brained mail admins. To each his own 
though.



So I rely only in RBL.
What's the differente between dns-blacklist-entry=sbl-xbl.spamhaus.org
 and
dns-blacklist-entry=sbl-xbl.spamhaus.org 
and |check-dnsrbl=|sbl-xbl.spamhaus.org  ?


Check with spamhaus.org on that. They have several lists.

Coming back to Rajesh's original problem, I don't think he's using the 
spamhaus zen blocklist. Because airtel has clearly listed their dynamic 
IP blocks as not suitable for smtp in the PBL. I use zen and none of the 
Airtel dynamic IP spambots get through to me.


http://www.spamhaus.org/pbl/query/PBL243394 shows one of their IP blocks

Bharath



-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
   Vickers Consulting Group offers Qmailtoaster support and installations.
 If you need professional help with your setup, contact them today!
-
Please visit qmailtoaster.com for the latest news, updates, and packages.

 To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com