thanks eric
now i spent few hours in capturing those ip's and updated blacklist_ip, the 
spam flow seems tobe low.
> .) What's in your /etc/spamdyke/whitelist_rdns file? I'm curious to know > 
> what's causing the WARNING message.
in whitelist_rdns i did added .vendordomain1.com .vendordomain2.com etc., there 
were around 150 entries i made
> You've apparently whitelisted this IP now? This shows that spamdyke > 
> accepted the message, even though there is apparently no rDNS for it. > The 
> unknown auth is normal for incoming inter-domain messages (because > they 
> don't authenticate).
no, i have not whitelisted this ip. 
> So when you identify a vendor whose email is being rejected, you need to > 
> whitelist that vendor. This can be done is a couple different ways. I > would 
> recommend whitelisting the domain by adding> @myscrewedupvendorsdomain.com> 
> to your whitelist_senders file. This will always accept email from that 

how do we identify the mails are rejected, is there any script available? so 
that as when it is when the rejection happen's it will be easier to find it.. 
else i need to go through the log's frequently and grep it for the same? 
at present i have few @domainname.com in whitelist_senders, do i need to give 
the full e-mail id's or just @domainname.com as you mentioned 
"@myscrewedupvendorsdomain.com" 
now i uncommented the zen.spamhaus.org in spamdyke.conf and could see lots of 
DENIED_RBL_MATCH.. but still scared to red face of the management (freaky 
paranoid :-) ).
we are solely depending on the vendors for the business. could be that was 
causing the management guys to show their faces. No one is ready to send mails 
to their mail server managed guys and explain, even when i tried sending 
multiple multiple mails there wasn't no response from them. Rather they would 
love to do a blame game on the same.
That's worries me.
--Nic



> > Can you please guide me?> 
> Sure.
> 
> Some of your vendors will and do have misconfigured mail servers. This 
> is a problem for them, and you'll be doing them a favor notifying them 
> of their misconfiguration. They will have trouble getting mail sent to 
> other domains as well, as many mail servers are adopting similar 
> anti-spam measures.
> 
> So when you identify a vendor whose email is being rejected, you need to 
>   whitelist that vendor. This can be done is a couple different ways. I 
> would recommend whitelisting the domain by adding
> @myscrewedupvendorsdomain.com
> to your whitelist_senders file. This will always accept email from that 
> domain, even if/when it comes from different IP addresses or its rDNS 
> record changes. You should know though that sending addresses are easily 
> spoofed, so this might allow some spam if a spammer were to spoof your 
> vendor's domain name. If that were to happen, you should consider 
> whitelisting their IP address or rDNS name.
> 
> If your management is real freaky/paranoid about rejecting vendor 
> emails, you could simply add all of your vendor's domains to your 
> whitelist_senders file. I wouldn't recommend doing this, as it will not 
> allow you to identify which vendors have a problem, and you will not be 
> able to let them know that they have a problem so that they can get it 
> fixed. In addition, whitelisting every vendor opens the door to more 
> spam and confusion should a spammer happen to use your vendor's domain. 
> This isn't a big risk, but it could happen pretty easily.
> 
> Your management needs to know that it's your vendor's email server that 
> is misconfigured, *not* your server. Your management should also 
> appreciate that whitelisting is a (temporary) workaround that your email 
> server provides to circumvent errors with *other* servers. In addition, 
> whitelisting *needs* to be done only in a very small percentage of cases.
> 
> You might also consider showing your management how much spam is being 
> blocked by QMT. There are some scripts floating around, one for spamdyke 
> and one for spamassassin, that show some these statistics. QMT with 
> spamdyke and spamassassin is as capable as anything (including 
> commercial services) when it comes to blocking spam with very few false 
> positives.
> 
> That's my assessment at this point. Let us know how you make out.
> 
> -- 
> -Eric 'shubes'
> 
> 
> ---------------------------------------------------------------------------------
> Qmailtoaster is sponsored by Vickers Consulting Group 
> (www.vickersconsulting.com)
>     Vickers Consulting Group offers Qmailtoaster support and installations.
>       If you need professional help with your setup, contact them today!
> ---------------------------------------------------------------------------------
>      Please visit qmailtoaster.com for the latest news, updates, and packages.
>      
>       To unsubscribe, e-mail: [email protected]
>      For additional commands, e-mail: [email protected]
> 
> 
                                          
_________________________________________________________________
New Windows 7: Find the right PC for you. Learn more.
http://windows.microsoft.com/shop

Reply via email to