Re: [spamdyke-users] rdns-whitelist-file
You only need to use rdns-whitelist-file to bypass filters for specific remote servers. If those servers aren't being filtered, there's no need to use this file. You cannot list email addresses in the rDNS whitelist file. It is only for reverse DNS names. If you want to whitelist sender email addresses, you should use sender-whitelist-file. http://www.spamdyke.org/documentation/README.html#WHITELISTING_ADDRESSES NOTE: Whitelisting sender addresses is a BAD IDEA. Sender addresses are VERY easy to forge and if a spammer forges an address on your whitelist, spamdyke won't stop it. -- Sam Clippinger night duke wrote: So if i want to receive from a domain i will add thatdomain.com and if i want to receive from gw.otherdomain.com Both of them are correctly added. And also i can add emails there like [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] Thanks a lot. Nightduke */Sam Clippinger [EMAIL PROTECTED]/* escribió: The file used with rdns-whitelist-file can only contain the reverse DNS names of remote servers, not email addresses. See the online documentation for full details: http://www.spamdyke.org/documentation/README_rdns_file_format.html -- Sam Clippinger night duke wrote: Hi i wish to know which format must be used in this file. with domains [EMAIL PROTECTED] or mydomain.com or [EMAIL PROTECTED] Which one is the best one? Thanks a lot. Nightduke __ ¿Chef por primera vez? Sé un mejor Cocinillas. http://es.answers.yahoo.com/info/welcome ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users ¿Chef por primera vez? - Sé un mejor Cocinillas. Entra en Yahoo! Respuestas http://es.rd.yahoo.com/evt:51361/*http://es.answers.yahoo.com/dir/index;_ylc=X3oDMTE4ZWhyZjU0BF9TAzIxMTQ3MTQzMjIEc2VjA0Jhbm5lcgRzbGsDQWNxdWlzaXRpb24-?link=oversid=396545367. ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] Rcpt address check
I don't think those two suggestions are mutually exclusive. #1 is actually more complicated however, since DIR/DOMAIN/USER isn't always enough. vpopmail aliases can look like this: DIR/DOMAIN/.qmail-USER If those two don't exist, sometimes a catchall address can exist, which looks like this: DIR/DOMAIN/.qmail-default However, the difference between a catchall address and a delete bounced address is the contents of the .qmail-default file. That's all for standard vpopmail. vpopmail can also store its user information in a database. Standard (vanilla) qmail stores its user information in a CDB file. Plesk uses a database. See how quickly this becomes complicated? -- Sam Clippinger Davide Bozzelli wrote: Sam Clippinger ha scritto: Actually, spamdyke already does this. If qmail rejects the recipient, spamdyke logs the rejection as DENIED_OTHER. Unfortunately, qmail doesn't check recipients by default, though there are some patches available to add that ability. Instead, qmail accepts all incoming mail and bounces invalid recipients later. I'll get this one added eventually, probably by allowing spamdyke to run an external program that can check the recipient. That way it could be configured to work with any qmail setup. Yes this is a must-have feature for spamdyke . I suggest to use two approaches: 1) check recipients from a dir tree like $base_dir/$domain/$username (assuming that the recipient address will be splitted in $username and $domain ) 2) check recicpients by executing an external helper which returns 1 (no such user) or 0 (user found) I think 1) gives the best performance, and 2) the best flexibility Of course they are mutually exclusive, use 1) or 2) not both . Have fun, Davide ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] Whitelist and gray/greylisting
Some spam will inevitably get through the graylist filter. It's not a perfect solution but it does stop a lot of spam. As spammers adopt better methods, graylisting will eventually become useless. -- Sam Clippinger night duke wrote: Well for a strange reason a few emails from spammers are graylisted and i will receive emails from them... How can i remove those domains?How can i check mx feature it's working? Thanks Nightduke */Sam Clippinger [EMAIL PROTECTED]/* escribió: I think I understand your suggestion now. However, adding flags to keep the whitelists from overriding all filters would probably make spamdyke so complicated it would be difficult or impossible to install. Once the new configuration system is in place, you should be able to disable the rDNS tests for specific recipients or remote servers as needed. If it still doesn't do what you need, we can discuss further enhancements. -- Sam Clippinger Ton van Rosmalen wrote: Hi Sam, I didn't mean a separate whitelist for each filter. As it is now some connections are terminated with |DENIED_RDNS_MISSING or ||DENIED_RDNS_RESOLVE |from valid but misconfigured mailservers. I'd like to allow these connections but AFAIK the only option available is whitelisting them apart from disabling the general rdns checks. The same would happen when whitelisting the recipient address. What I suggested is an option to use graylisting even when a whitelist-test succeeded. E.g. an option: graylist-when-whitelisted That way at least some level of protection is available in case of abuse of a whitelisted address. Or perhaps I could achieve the same result using: no-graylist-dir always-graylist-* But again, what I read with whitelisting (as it should) in the docs is and skip all filters if it is found. Skipping all filters I interpret as also skipping graylisting. If I'm wrong please correct me. When I look at your description of the upcoming addition I could create the set-up I would like, so we'll leave this as it is. Should you require some help (testing and/or development) of a (pre-)release do not hesitate to contact me. Ton Sam Clippinger schreef: If I understand you correctly, you want a separate whitelist file for each filter? That sounds similar to the never-graylist-* and always-graylist-* options -- whitelists and blacklists that only affect the graylist feature. Keep in mind, adding white/blacklists for just the graylist feature created 7 new options. I'm a little hesitant to repeat that effort for every filter; spamdyke would gain hundreds of options! Configuring spamdyke would become nearly impossible. I'm currently working on adding a system to allow spamdyke to be reconfigured per IP, rDNS, sender and/or recipient. When it's ready, you should be able to accomplish what you're trying to do by creating new configuration files with specific names. For example, you would be able to have a global configuration file that activates all the filters, then create some local configuration files that deactivate some of the filters for specific IP addresses or rDNS names or whatever. Potentially, you (or someone) could then create a control panel to allow users to edit the filters affecting just their mail (or perhaps all mail for their domain). Every user could (potentially) have their own whitelists, DNS RBLs, etc that are only used when mail is delivered to them. That system should be ready soon, hopefully in the next version. -- Sam Clippinger Ton van Rosmalen wrote: Hi all, I've been using spamdyke for a couple of weeks now and I'm very happy with it. As always customers start questioning us about not receiving e-mails from certain senders. After checking the logs the conclusion is always that no rdns is found or that the found name doesn't resolve. The problem that arises is that our customer start complaining about this because they can't receive orders etc. For now I've put a couple of the senders ip-addresses on a whitelist to prevent the denial because of their misconfiguration. I've also tried to add greylisting for the domain to provide some degree of anti-spam control. What I (think I) observe is that because of the whitelisting all checks, including greylisting, are skipped. Would it be
[spamdyke-users] smtp auth fixed...
Finally i fixed with some help of Sam Clippinger my problem with spamdyke and
smtp-auth...i was unable to use lotus notes and outlook autentication... with
spamdyke.Let me show how i can i fixed...
cat smtp_psa
service smtp
{
socket_type = stream
protocol= tcp
wait= no
disable = no
user= root
instances = UNLIMITED
server = /var/qmail/bin/tcp-env
server_args = -Rt0 /usr/local/bin/spamdyke -f
/var/qmail/spamdyke/spamdyke.conf /var/q
mail/bin/relaylock /var/qmail/bin/qmail-smtpd /var/qmail/bin/smtp_auth
/var/qmail/bin/true /var/qm ail/bin/cmd5checkpw
/var/qmail/bin/true
My spamdyke.conf
cat spamdyke.conf
log-level=4
local-domains-file=/var/qmail/control/rcpthosts
max-recipients=10
idle-timeout-secs=60
policy-url= http://www.spamhaus.org/
ip-whitelist-file=/var/qmail/spamdyke/whitelist_ip
greeting-delay-secs=5
reject-missing-sender-mx
tls-certificate-file=/var/qmail/control/servercert.pem
policy-url= http://www.spamhaus.org/
ip-whitelist-file=/var/qmail/spamdyke/whitelist_ip
check-dnsrbl=bogons.cymru.com
check-dnsrbl=zen.spamhaus.org
check-dnsrbl=bl.spamcop.net
check-dnsrbl=cbl.abuseat.org
check-dnsrbl=sbl-xbl.spamhaus.org
check-dnsrbl=list.dsbl.org
check-dnsrbl=ubl.unsubscore.com
check-dnsrbl=dhcp.tqmcube.com
check-dnsrbl=prc.tqmcube.com
check-dnsrbl=no-more-funn.moensted.dk
check-dnsrbl=sbl.spamhaus.org
check-dnsrbl=pbl.spamhaus.org
check-dnsrbl=spam.tqmcube.com
check-dnsrbl=bl.emailbasura.org
graylist-dir=/var/qmail/graylist
graylist-max-secs=1814400
graylist-min-secs=300
sender-blacklist-file=/var/qmail/spamdyke/blacklist_senders
smtp-auth-command-encryption=/var/qmail/bin/smtp_auth
smtp-auth-command-encryption=/bin/true
smtp-auth-command-encryption=/var/qmail/bin/cmd5checkpw
smtp-auth-command-encryption= /bin/true
rdns-whitelist-file=/var/qmail/spamdyke/rdns-whitelist-file
reject-empty-rdns
reject-unresolvable-rdns
reject-ip-in-cc-rdns
Thanks a lot for everyone and especiallt to Clippinger
It's important the order of each line or it' dosen't matter...
Thanks.
Nightduke
-
¿Chef por primera vez? - Sé un mejor Cocinillas.
Entra en Yahoo! Respuestas.
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] Rcpt address check
Yes i see how can how can this be complicated...or difficult... What do you sugguest to me to do? Thanks Nightduke Sam Clippinger [EMAIL PROTECTED] escribió: I don't think those two suggestions are mutually exclusive. #1 is actually more complicated however, since DIR/DOMAIN/USER isn't always enough. vpopmail aliases can look like this: DIR/DOMAIN/.qmail-USER If those two don't exist, sometimes a catchall address can exist, which looks like this: DIR/DOMAIN/.qmail-default However, the difference between a catchall address and a delete bounced address is the contents of the .qmail-default file. That's all for standard vpopmail. vpopmail can also store its user information in a database. Standard (vanilla) qmail stores its user information in a CDB file. Plesk uses a database. See how quickly this becomes complicated? -- Sam Clippinger Davide Bozzelli wrote: Sam Clippinger ha scritto: Actually, spamdyke already does this. If qmail rejects the recipient, spamdyke logs the rejection as DENIED_OTHER. Unfortunately, qmail doesn't check recipients by default, though there are some patches available to add that ability. Instead, qmail accepts all incoming mail and bounces invalid recipients later. I'll get this one added eventually, probably by allowing spamdyke to run an external program that can check the recipient. That way it could be configured to work with any qmail setup. Yes this is a must-have feature for spamdyke . I suggest to use two approaches: 1) check recipients from a dir tree like $base_dir/$domain/$username (assuming that the recipient address will be splitted in $username and $domain ) 2) check recicpients by executing an external helper which returns 1 (no such user) or 0 (user found) I think 1) gives the best performance, and 2) the best flexibility Of course they are mutually exclusive, use 1) or 2) not both . Have fun, Davide ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users - ¿Chef por primera vez? - Sé un mejor Cocinillas. Entra en Yahoo! Respuestas. ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] Rcpt address check
Sam Clippinger ha scritto: Actually, spamdyke already does this. If qmail rejects the recipient, spamdyke logs the rejection as DENIED_OTHER. Unfortunately, qmail doesn't check recipients by default, though there are some patches available to add that ability. Instead, qmail accepts all incoming mail and bounces invalid recipients later. I'll get this one added eventually, probably by allowing spamdyke to run an external program that can check the recipient. That way it could be configured to work with any qmail setup. Yes this is a must-have feature for spamdyke . I suggest to use two approaches: 1) check recipients from a dir tree like $base_dir/$domain/$username (assuming that the recipient address will be splitted in $username and $domain ) 2) check recicpients by executing an external helper which returns 1 (no such user) or 0 (user found) I think 1) gives the best performance, and 2) the best flexibility Of course they are mutually exclusive, use 1) or 2) not both . Have fun, Davide ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
[spamdyke-users] statistical data
Hi Sam, first of all i would like to thank you for providing this great software - it saved on our spam-gateway much cpu-time regarding spamassassin... I have one request regarding spamdyke statistics: I'd dont like very much that log-file-scanning method (run by 5 minutes) to get statistical data. What about the idea that spamdyke writes a small statistics file with simple counters (32bit-overflow?) for example. Then it should be very easy an performance-friendly to generate rrdtool-related graphs (MRTG, cacti). Example: DENIED_RBL_MATCH 985485 DENIED_RHSBL_MATCH 56 DENIED_SENDER_NO_MX 856 i know - spamdyke isnt a deamon, so on every run the stats-file must be parsed and updated - but i think its a more clean solution as scanning big logfiles... what do you think about it? many regards, Otto -- www.bergerdata.de night duke schrieb: It's possible to make stats of spam with maillog. It's easy to do with mrtg? Thanks Nightduke __ ¿Chef por primera vez? Sé un mejor Cocinillas. http://es.answers.yahoo.com/info/welcome ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] Whitelist and gray/greylisting
Well for a strange reason a few emails from spammers are graylisted and i will receive emails from them... How can i remove those domains?How can i check mx feature it's working? Thanks Nightduke Sam Clippinger [EMAIL PROTECTED] escribió: I think I understand your suggestion now. However, adding flags to keep the whitelists from overriding all filters would probably make spamdyke so complicated it would be difficult or impossible to install. Once the new configuration system is in place, you should be able to disable the rDNS tests for specific recipients or remote servers as needed. If it still doesn't do what you need, we can discuss further enhancements. -- Sam Clippinger Ton van Rosmalen wrote: Hi Sam, I didn't mean a separate whitelist for each filter. As it is now some connections are terminated with |DENIED_RDNS_MISSING or ||DENIED_RDNS_RESOLVE |from valid but misconfigured mailservers. I'd like to allow these connections but AFAIK the only option available is whitelisting them apart from disabling the general rdns checks. The same would happen when whitelisting the recipient address. What I suggested is an option to use graylisting even when a whitelist-test succeeded. E.g. an option: graylist-when-whitelisted That way at least some level of protection is available in case of abuse of a whitelisted address. Or perhaps I could achieve the same result using: no-graylist-dir always-graylist-* But again, what I read with whitelisting (as it should) in the docs is and skip all filters if it is found. Skipping all filters I interpret as also skipping graylisting. If I'm wrong please correct me. When I look at your description of the upcoming addition I could create the set-up I would like, so we'll leave this as it is. Should you require some help (testing and/or development) of a (pre-)release do not hesitate to contact me. Ton Sam Clippinger schreef: If I understand you correctly, you want a separate whitelist file for each filter? That sounds similar to the never-graylist-* and always-graylist-* options -- whitelists and blacklists that only affect the graylist feature. Keep in mind, adding white/blacklists for just the graylist feature created 7 new options. I'm a little hesitant to repeat that effort for every filter; spamdyke would gain hundreds of options! Configuring spamdyke would become nearly impossible. I'm currently working on adding a system to allow spamdyke to be reconfigured per IP, rDNS, sender and/or recipient. When it's ready, you should be able to accomplish what you're trying to do by creating new configuration files with specific names. For example, you would be able to have a global configuration file that activates all the filters, then create some local configuration files that deactivate some of the filters for specific IP addresses or rDNS names or whatever. Potentially, you (or someone) could then create a control panel to allow users to edit the filters affecting just their mail (or perhaps all mail for their domain). Every user could (potentially) have their own whitelists, DNS RBLs, etc that are only used when mail is delivered to them. That system should be ready soon, hopefully in the next version. -- Sam Clippinger Ton van Rosmalen wrote: Hi all, I've been using spamdyke for a couple of weeks now and I'm very happy with it. As always customers start questioning us about not receiving e-mails from certain senders. After checking the logs the conclusion is always that no rdns is found or that the found name doesn't resolve. The problem that arises is that our customer start complaining about this because they can't receive orders etc. For now I've put a couple of the senders ip-addresses on a whitelist to prevent the denial because of their misconfiguration. I've also tried to add greylisting for the domain to provide some degree of anti-spam control. What I (think I) observe is that because of the whitelisting all checks, including greylisting, are skipped. Would it be possible or is it possible to enable a whitelist (ip or senderbased) and still get greylisting? I would think adding this option shouldn't be to hard and am willing to investigate it myself and develop the code for it. Without the option specified everything would remain working as it is of course. Dumb idea? Nice feature? Let me know what you think. Thanks. Regards, Ton ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users ___ spamdyke-users
Re: [spamdyke-users] rdns-whitelist-file
If messages from the other machines are being blocked by spamdyke, add them to the rdns-whitelist-file. If they aren't being blocked, you don't need to do anything. -- Sam Clippinger night duke wrote: Ok but where i must add a localname of a machine from where i want to receive emails from... Like cron jobs...clamav updates...no more... Thanks Nightduke */Sam Clippinger [EMAIL PROTECTED]/* escribió: You only need to use rdns-whitelist-file to bypass filters for specific remote servers. If those servers aren't being filtered, there's no need to use this file. You cannot list email addresses in the rDNS whitelist file. It is only for reverse DNS names. If you want to whitelist sender email addresses, you should use sender-whitelist-file. http://www.spamdyke.org/documentation/README.html#WHITELISTING_ADDRESSES NOTE: Whitelisting sender addresses is a BAD IDEA. Sender addresses are VERY easy to forge and if a spammer forges an address on your whitelist, spamdyke won't stop it. -- Sam Clippinger night duke wrote: So if i want to receive from a domain i will add thatdomain.com and if i want to receive from gw.otherdomain.com Both of them are correctly added. And also i can add emails there like [EMAIL PROTECTED] Thanks a lot. Nightduke */Sam Clippinger /* escribió: The file used with rdns-whitelist-file can only contain the reverse DNS names of remote servers, not email addresses. See the online documentation for full details: http://www.spamdyke.org/documentation/README_rdns_file_format.html -- Sam Clippinger night duke wrote: Hi i wish to know which format must be used in this file. with domains [EMAIL PROTECTED] or mydomain.com or [EMAIL PROTECTED] Which one is the best one? Thanks a lot. Nightduke __ ¿Chef por primera vez? Sé un mejor Cocinillas. http://es.answers.yahoo.com/info/welcome ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users ¿Chef por primera vez? - Sé un mejor Cocinillas. Entra en Yahoo! Respuestas . ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users ¿Chef por primera vez? - Sé un mejor Cocinillas. Entra en Yahoo! Respuestas http://es.rd.yahoo.com/evt:51361/*http://es.answers.yahoo.com/dir/index;_ylc=X3oDMTE4ZWhyZjU0BF9TAzIxMTQ3MTQzMjIEc2VjA0Jhbm5lcgRzbGsDQWNxdWlzaXRpb24-?link=oversid=396545367. ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] Rcpt address check
Sam Clippinger ha scritto: I don't think those two suggestions are mutually exclusive. #1 is actually more complicated however, since DIR/DOMAIN/USER isn't always enough. vpopmail aliases can look like this: DIR/DOMAIN/.qmail-USER That's the point: the DIR tree must be populated by a script which scans the system and consider ALL the cases. For example the script on http://qmail.jms1.net/scripts/mkvalidrcptto.shtml populates the cdb file required by the validrcpto patch . So my point of view is that spamdyke must only provide the lookup mechanism, the job of creation of recipients list must be taken by an external entity (scripts) my 2 cents ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
