Re: My mail server flagged spam!
Marwan Sultan writes: > Hello list.. > > Well! im kinda lost here.. > I have like 8 domains hosted in my server. FreeBSD 7.2R, (...) > I have few customers complaining that thier emails (...) > Anyhints please? Well, i think you should move to Google Apps. It's very safe, reliable. And several big guns use it. An example is below: https://mail.google.com/a/berkeley.edu> Sincerely, -- 소여물 황병희(黃炳熙) | .. 출항 15분전.. "Consult the best lawyers on criminal law." -- Vito Corleone, "Chapter 20", page 296 pgphcuOcb8fXK.pgp Description: PGP signature
RE: My mail server flagged spam!
> From owner-freebsd-questi...@freebsd.org Sat Oct 23 17:45:25 2010 > From: Marwan Sultan > To: > Date: Sat, 23 Oct 2010 22:46:40 + > Cc: FreeBSD Questions > Subject: RE: My mail server flagged spam! > > > Dear Dr. Matthew.=2C > =20 >When my client or any clients uses the web mail that i have configured= > =2C=20 >then everything works fine NO spam problems and email will be >received by hotmail=2C gmail and vise versa. > =20 >I found out that this particular client complaining because they use >outlook express NOT the web mail. > =20 >they configure their outlook express to use SMTP user/password >with mail.clinet_domain.com as incoming/outgoing. > =20 > even if they send from x...@client_domain to ad...@mydomain.com > both are in same server=2C I will still receive it as SPAM. > (They are sending from outlook.) > =20 > looking at spam log=2C and why its scored as spam.. here is a copy. > =20 > pts rule name description=20 > -- ---= > ---=20 > 0.9 RCVD_IN_PBLRBL: Received via a relay in Spamhaus PBL=20 >[95.66.68.100 listed in zen.spamhaus.org]=20 > 0.0 HTML_MESSAGE BODY: HTML included in message=20 > 0.0 BAYES_50 BODY: Bayesian spam probability is 40 to 60%=20 >[score: 0.5019]=20 > 2.2 TVD_SPACE_RATIOBODY: TVD_SPACE_RATIO=20 > 0.1 RDNS_NONE Delivered to trusted network by a host with no r= > DNS=20 > 2.8 DOS_OE_TO_MX Delivered direct to MX with OE headers=20 > =20 > =20 > As you see 2.8 for DOS_OE_TO_MX > and 2.2 for TVD_SPACE_RATIO > =20 > I have looked for DOS_OE_TO_MX > and it says because client is sending "directly" to MX records? > well! i asked them to use "mail.server_name.com" for income/outgoing > for outlook express..but still the same error and email is scored as spam. > =20 > Any help is highly appreciate it. lots of stuff is mis-configured. If you have people outside your network addresses trying to send mail through your server, you need to be running a 'mail submission agent' on port 587, as well as the MTA on port 25. If you're not doing this already, you'll have to set it up. Since this access is password protected, and available only to your 'trusted' users, it does -not- need spam-filtering on it. (usually, that is -- you know your customers better than we do :) *AND* the client using Outlook Express needs to configure _it_ to use your server *on*port*587* as the 'outgoing mail server'. This will require entering 'authentication' information (username and password) into Outlook Express. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: My mail server flagged spam!
On Oct 24, 2010, at 3:28 PM, Marwan Sultan wrote: [ ... ] > Now to avoid the 2.8 DOS_OE_TO_MXDelivered direct to MX with OE headers > error.. > shall i add my domains MX records to local.cf as > trusted_networks mail.domain.com > or as > internal_networks mail.domain.com ? Please see: http://spamassassin.apache.org/full/3.3.x/doc/Mail_SpamAssassin_Conf.html#network_test_options http://wiki.apache.org/spamassassin/TrustPath "Why should trusted_networks and internal_networks ever be different? A mail relay that you want to trust in trusted_networks may itself trust its own internal dynamic IP networks. You may trust them not to be a spam source but putting them into your internal_networks list would create a false positive because then those dynamic IPs would be searched for in the DUL lists. This is an example where the two lists need to be different." If need be, also consider whitelist_from_rcvd (or maybe whitelist_auth if you implement SPF or DKIM). I'm also told that something like: meta AUTHD_RELAY !__LAST_UNTRUSTED_RELAY_NO_AUTH describe AUTHD_RELAY Message submission was via an authenticated user score AUTHD_RELAY -10 I believe there is even an optional patch in the spamass-milter port: http://www.freebsd.org/cgi/cvsweb.cgi/ports/mail/spamass-milter/files/extra-patch-addauth?rev=1.2 ...but it is probably better to just tweak the scoring a bit. Or switch to using amavisd-new, which could allow greater flexibility also Regards, -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
RE: My mail server flagged spam!
Dear Chuk, Im almost there.. Im trying to tweak local.cf (the spamassassin configuration file) to trust SMTP logins.. and Im kinda lost. I donot use postfix. I use sendmail + spamassassin. FBSD 7.2 Now to avoid the 2.8 DOS_OE_TO_MXDelivered direct to MX with OE headers error.. shall i add my domains MX records to local.cf as trusted_networks mail.domain.com or as internal_networks mail.domain.com ? Or its something else! I would appreciate your help. - Marwan > > On Oct 23, 2010, at 3:46 PM, Marwan Sultan wrote: > > they configure their outlook express to use SMTP user/password > > with mail.clinet_domain.com as incoming/outgoing. > > > > even if they send from x...@client_domain to ad...@mydomain.com > > both are in same server, I will still receive it as SPAM. > > (They are sending from outlook.) > > When someone is an authorized user of email, ie, they login to your SMTP > server via a good username+password, then you should configure your spam > filtering to treat them as trusted. For example, in postfix you could have: > > smtpd_recipient_restrictions = permit_mynetworks, > permit_sasl_authenticated, > [ ...before checks like... ] > check_policy_service inet:127.0.0.1:12525, > check_policy_service inet:127.0.0.1:10023, > > Regards, > -- > -Chuck > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: My mail server flagged spam!
On Oct 23, 2010, at 3:46 PM, Marwan Sultan wrote: > they configure their outlook express to use SMTP user/password > with mail.clinet_domain.com as incoming/outgoing. > > even if they send from x...@client_domain to ad...@mydomain.com > both are in same server, I will still receive it as SPAM. > (They are sending from outlook.) When someone is an authorized user of email, ie, they login to your SMTP server via a good username+password, then you should configure your spam filtering to treat them as trusted. For example, in postfix you could have: smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, [ ...before checks like... ] check_policy_service inet:127.0.0.1:12525, check_policy_service inet:127.0.0.1:10023, Regards, -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
RE: My mail server flagged spam!
Dear Dr. Matthew., When my client or any clients uses the web mail that i have configured, then everything works fine NO spam problems and email will be received by hotmail, gmail and vise versa. I found out that this particular client complaining because they use outlook express NOT the web mail. they configure their outlook express to use SMTP user/password with mail.clinet_domain.com as incoming/outgoing. even if they send from x...@client_domain to ad...@mydomain.com both are in same server, I will still receive it as SPAM. (They are sending from outlook.) looking at spam log, and why its scored as spam.. here is a copy. pts rule name description -- -- 0.9 RCVD_IN_PBLRBL: Received via a relay in Spamhaus PBL [95.66.68.100 listed in zen.spamhaus.org] 0.0 HTML_MESSAGE BODY: HTML included in message 0.0 BAYES_50 BODY: Bayesian spam probability is 40 to 60% [score: 0.5019] 2.2 TVD_SPACE_RATIOBODY: TVD_SPACE_RATIO 0.1 RDNS_NONE Delivered to trusted network by a host with no rDNS 2.8 DOS_OE_TO_MX Delivered direct to MX with OE headers As you see 2.8 for DOS_OE_TO_MX and 2.2 for TVD_SPACE_RATIO I have looked for DOS_OE_TO_MX and it says because client is sending "directly" to MX records? well! i asked them to use "mail.server_name.com" for income/outgoing for outlook express..but still the same error and email is scored as spam. Any help is highly appreciate it. - Marwan > Date: Thu, 21 Oct 2010 06:42:06 +0100 > From: m.sea...@infracaninophile.co.uk > To: dead_l...@hotmail.com > CC: freebsd-questions@freebsd.org > Subject: Re: My mail server flagged spam! > > On 21/10/2010 01:10, Marwan Sultan wrote: > > if I check that domain in mxtoolbox.com > > it complains "Warning - Reverse DNS does not match SMTP Banner" > > could it be the SMTP banner flagging the mail as spam? > > This is certainly possible. It would add spam points on my servers. > > The address in question is the one presented by your mail server during > the SMTP dialogue -- the first line it sends in fact. Something like this: > > EHLO smtp.example.com > > By default it will use the hostname of your server, but you can override > that. > > It is this address that you have to be really strict about: the address > should resolve to the IP that the server connects via (not necessarily > the IP of the server if there are NAT gateways involved), and a reverse > lookup of that IP should return the name again. > > This name used in the EHLO banner doesn't have to be anything to do with > the addresses on the e-mail, except in as far as either side is using > SPF and you have chosen to add that information to the SPF selector(s). > SPF seems to be going out of favour now, and sensible mail admins > didn't make accept/deny decisions entirely on pass/fail of SPF tests, > but still, for best results with a mail system, you should take care to > get that right. > > Cheers, > > Matthew > > -- > Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard > Flat 3 > PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate > JID: matt...@infracaninophile.co.uk Kent, CT11 9PW > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: My mail server flagged spam!
On 21/10/2010 01:10, Marwan Sultan wrote: > if I check that domain in mxtoolbox.com > it complains "Warning - Reverse DNS does not match SMTP Banner" > could it be the SMTP banner flagging the mail as spam? This is certainly possible. It would add spam points on my servers. The address in question is the one presented by your mail server during the SMTP dialogue -- the first line it sends in fact. Something like this: EHLO smtp.example.com By default it will use the hostname of your server, but you can override that. It is this address that you have to be really strict about: the address should resolve to the IP that the server connects via (not necessarily the IP of the server if there are NAT gateways involved), and a reverse lookup of that IP should return the name again. This name used in the EHLO banner doesn't have to be anything to do with the addresses on the e-mail, except in as far as either side is using SPF and you have chosen to add that information to the SPF selector(s). SPF seems to be going out of favour now, and sensible mail admins didn't make accept/deny decisions entirely on pass/fail of SPF tests, but still, for best results with a mail system, you should take care to get that right. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate JID: matt...@infracaninophile.co.uk Kent, CT11 9PW signature.asc Description: OpenPGP digital signature
Re: My mail server flagged spam!
On Oct 20, 2010, at 5:10 PM, Marwan Sultan wrote: > Hello list.. > > Well! im kinda lost here.. > I have like 8 domains hosted in my server. FreeBSD 7.2R, sendmail, > openwebmail, spamassassin, milter all installed. > > I have few customers complaining that thier emails (the domain they send > from) to hotmail/yahoo..etc.. > flagged as spam! i have googled and found most of problems about forward, > reverse DNS. > for me PTR, reverse DNS matchs the domain name. all the 8 domains matchs > reverse, PTR. Since you didn't provide an example DSN or even anonymized logs of a bounce, we can't guess-- in general you'd discuss a specific bounce message with the postmaster of site which bounced it. As for hotmail.com, they can't even be bothered to make postmaster@ work: http://www.rfc-ignorant.org/tools/lookup.php?domain=hotmail.com ...which means they're sufficiently broken that you should expect mail failures. Regards, -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
My mail server flagged spam!
Hello list.. Well! im kinda lost here.. I have like 8 domains hosted in my server. FreeBSD 7.2R, sendmail, openwebmail, spamassassin, milter all installed. I have few customers complaining that thier emails (the domain they send from) to hotmail/yahoo..etc.. flagged as spam! i have googled and found most of problems about forward, reverse DNS. for me PTR, reverse DNS matchs the domain name. all the 8 domains matchs reverse, PTR. if I check that domain in mxtoolbox.com it complains "Warning - Reverse DNS does not match SMTP Banner" could it be the SMTP banner flagging the mail as spam? ofcourse the SMTP banner matchs 1 domain out of the 8. which is my server main domain. SO if anyone sends any email from my server the SMTP banner will show my sever name. this one should not be a problem isnt? Now the case become worse! the same customers who are using that domain complaining that even if they send to the same domain name x...@domain1.com to y...@domain1.com same domain to same server.. its flagged as spam too. No, none of my domains in any black list. Anyhints please? Thank you - Marwan Sultan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"