Re: [qmailtoaster] Re: re Invalid rcpthosts client email addresses sending emails to other rcpthosts clients
Sorry, I don't understand problem, again. Are you receiving e-mails which SPF should not allow? Any of your accounts is sending out spam emails? Tonino Il 18/11/2010 07:05, Tony White ha scritto: Hi folks, Will this cure my issue, at least for now... 1. Have all my users use the QMT servers via SMTP-AUTH. 2. Set spf records to only allow my ip addresses to send mail for these domains. The original problem was/is... email being sent to my servers using valid/invalid accounts for domains that are on my servers. I wanted to verify the email address against valid ones to reduce the amount of spam. As an example I have apparently sent 1500 emails to my clients including myself each day for the last few days. Obviously this is not true. So doing the spf thing should stop those buggers from using my and other clients names to send email and they will need to have a username and password to validate before a send is accepted!. It would appear that the email accounts a very old. The emails that are arriving have 5-10 valid domain but valid/invalid users in the To Field. The same for CC and BCC. They are the same addresses in each section. On 18/11/2010 10:10 AM, Tonix (Antonio Nati) wrote: Il 17/11/2010 23:41, Eric Shubert ha scritto: On 11/17/2010 03:30 PM, Tonix (Antonio Nati) wrote: Il 17/11/2010 15:56, Eric Shubert ha scritto: That's a problem all right. I don't expect that using the submission port would fix that either. The spfbehavior file should be separate for the submission port to make that happen. Ultimately, SPF should not be enforced for authenticated users. There has been some talk about implementing SPF in spamdyke (I've been a proponent of this). Perhaps we can nudge Sam and get it implemented there. That would solve the problem. Sorry I do not understand the problem: as far as I see SPF must be disabled on submission port and for authenticated users, otherwise none could give to authorized servers e-mails to relay. Sources I'm using for qmail-smtpd check SPF only if RELAYCLIENT is not set. Regards, Tonino I believe Tonino's correct. On second thought, I misunderstood the problem. The problem is that mobile users submit email via the mobile smtp service, and don't come through QMT. Those servers would somehow need to be included in the SPF record. It has nothing to do with QMT (which is what creates the problem, somewhat ironically). I feel when using SPF you have no other choice than relaying to ISP servers. Adding all possible SMTP servers of mobile operator is out of our possibility :-). Ciao! Tonino -- in...@zioniInterazioni di Antonio Nati http://www.interazioni.it to...@interazioni.it - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: re Invalid rcpthosts client email addresses sending emails to other rcpthosts clients
Hello, Yes I am receiving emails that SPF should not allow. BUT and it is a big BUT! I have clients that have mobile devices that use their mobile device ISP smtp server to send mail. If I make SPF only allow MY smtp servers then these folks cannot send mail from their mobile devices! No, none of my accounts are sending out spam emails. All emails are from smtp servers outside of my control. Sorry if I am wrong to do this here but I thought I might include one as an example... NB The ONLY valid email address is mine t...@ycs.com.au, all the others are rubbish! -- ACTUAL EXAMPLE RECEIVED From - Thu Nov 18 12:36:23 2010 X-Account-Key: account11 X-UIDL: 1290043761.13702.indialau.bigpuddle.net,S=2602 X-Mozilla-Status: 0011 X-Mozilla-Status2: X-Mozilla-Keys: Return-Path:bi...@gpdv.com.au Delivered-To: t...@ycs.com.au Received: (qmail 13700 invoked by uid 89); 18 Nov 2010 01:29:21 - Received: from unknown (HELO ?222.119.250.144?) (222.119.250.144) by indialau.bigpuddle.net with SMTP; 18 Nov 2010 01:29:20 - Received-SPF: none (indialau.bigpuddle.net: domain at gpdv.com.au does not designate permitted sender hosts) Received: from 222.119.250.144(helo=vkddebf.pnpxyhcbajz.info) by with esmtpa (Exim 4.69) (envelope-from ) id 1MM3A9-7030gu-RU for t...@ycs.com.au; Thu, 18 Nov 2010 10:29:20 +0900 To:t...@ycs.com.au, to...@ycs.com.au, stee...@ycs.com.au, accplusk...@ycs.com.au Cc:accpluss...@ycs.com.au, accpluse...@ycs.com.au, accplush...@ycs.com.au, accplusq...@ycs.com.au, accplusu...@ycs.com.au, accplusw...@ycs.com.au, accplust...@ycs.com.au, accplusr...@ycs.com.au, accplusf...@ycs.com.au Subject: Re: CV From:t...@ycs.com.au, to...@ycs.com.au, stee...@ycs.com.au, accplusk...@ycs.com.au Cc:accpluss...@ycs.com.au, accpluse...@ycs.com.au, accplush...@ycs.com.au, accplusq...@ycs.com.au, accplusu...@ycs.com.au, accplusw...@ycs.com.au, accplust...@ycs.com.au, accplusr...@ycs.com.au, accplusf...@ycs.com.au MIME-Version: 1.0 Importance: High Content-Type: text/html !DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.0 Transitional//EN HTMLHEAD META http-equiv=Content-Type content=text/html; charset=iso-8859-2 /HEAD BODYA foreign owned company is looking for Online Sales Administrator to assist in the day to day running of our outlet online.br br bDUTIES INCLUDE:/bbr Administrating day-to-day financial responsibilities for our clientsbr data inputbr capable to fast reply to all emails coming from your personal HRbr Managerbr Preparing brief summary reports, and weekly financial reportsbr br bSKILLS REQUIRED:/bbr 1. Keyboard Typing.br 2. basic Miscrosoft Office skills.br 3. constantly available on the phone during the daytimebr br bPREVIOUS EXPERIENCE OR TRAINING IN THE FOLLOWING WOULD BE AN ADVANTAGE/b:br Office administrationbr Call handlingbr Customer servicebr Typing and correspondencebr Email correspondencebr Research including web based researchbr Database managementbr br bHOURS:/bbr Mon to Fri 9am-3pm - Weekends as requiredbr Rate of pay by negotiation, minimum guaranteed GBP 1,500 PER MONTH.br br bLocation:/b AUSTRALIA ONLYbr bAGE:/b at least 18 year old, or olderbr br To apply please emailbof...@australia-resume.com/b/BODY/HTML -- ACTUAL EXAMPLE RECEIVED On 18/11/2010 7:05 PM, Tonix (Antonio Nati) wrote: Sorry, I don't understand problem, again. Are you receiving e-mails which SPF should not allow? Any of your accounts is sending out spam emails? Tonino Il 18/11/2010 07:05, Tony White ha scritto: Hi folks, Will this cure my issue, at least for now... 1. Have all my users use the QMT servers via SMTP-AUTH. 2. Set spf records to only allow my ip addresses to send mail for these domains. The original problem was/is... email being sent to my servers using valid/invalid accounts for domains that are on my servers. I wanted to verify the email address against valid ones to reduce the amount of spam. As an example I have apparently sent 1500 emails to my clients including myself each day for the last few days. Obviously this is not true. So doing the spf thing should stop those buggers from using my and other clients names to send email and they will need to have a username and password to validate before a send is accepted!. It would appear that the email accounts a very old. The emails that are arriving have 5-10 valid domain but valid/invalid users in the To Field. The same for CC and BCC. They are the same addresses in each section. On 18/11/2010 10:10 AM, Tonix (Antonio Nati) wrote: Il 17/11/2010 23:41, Eric Shubert ha scritto: On 11/17/2010 03:30 PM, Tonix (Antonio Nati) wrote: Il 17/11/2010 15:56, Eric Shubert ha scritto: That's a problem all right. I don't expect that using the submission port would fix that
Re: [qmailtoaster] Re: re Invalid rcpthosts client email addresses sending emails to other rcpthosts clients
I think you have no other choise, except forcing your customers to use your relay servers. Set up a dedicated IP where you accept only authenticated users (i.e. relay.ycs.com.au), and use the submission port (587) for accepting their emails in case mobile companies block sending to port 25. Regards, Tonino Il 18/11/2010 09:30, Tony White ha scritto: Hello, Yes I am receiving emails that SPF should not allow. BUT and it is a big BUT! I have clients that have mobile devices that use their mobile device ISP smtp server to send mail. If I make SPF only allow MY smtp servers then these folks cannot send mail from their mobile devices! No, none of my accounts are sending out spam emails. All emails are from smtp servers outside of my control. Sorry if I am wrong to do this here but I thought I might include one as an example... NB The ONLY valid email address is mine t...@ycs.com.au, all the others are rubbish! -- ACTUAL EXAMPLE RECEIVED From - Thu Nov 18 12:36:23 2010 X-Account-Key: account11 X-UIDL: 1290043761.13702.indialau.bigpuddle.net,S=2602 X-Mozilla-Status: 0011 X-Mozilla-Status2: X-Mozilla-Keys: Return-Path:bi...@gpdv.com.au Delivered-To: t...@ycs.com.au Received: (qmail 13700 invoked by uid 89); 18 Nov 2010 01:29:21 - Received: from unknown (HELO ?222.119.250.144?) (222.119.250.144) by indialau.bigpuddle.net with SMTP; 18 Nov 2010 01:29:20 - Received-SPF: none (indialau.bigpuddle.net: domain at gpdv.com.au does not designate permitted sender hosts) Received: from 222.119.250.144(helo=vkddebf.pnpxyhcbajz.info) by with esmtpa (Exim 4.69) (envelope-from ) id 1MM3A9-7030gu-RU for t...@ycs.com.au; Thu, 18 Nov 2010 10:29:20 +0900 To:t...@ycs.com.au, to...@ycs.com.au, stee...@ycs.com.au, accplusk...@ycs.com.au Cc:accpluss...@ycs.com.au, accpluse...@ycs.com.au, accplush...@ycs.com.au, accplusq...@ycs.com.au, accplusu...@ycs.com.au, accplusw...@ycs.com.au, accplust...@ycs.com.au, accplusr...@ycs.com.au, accplusf...@ycs.com.au Subject: Re: CV From:t...@ycs.com.au, to...@ycs.com.au, stee...@ycs.com.au, accplusk...@ycs.com.au Cc:accpluss...@ycs.com.au, accpluse...@ycs.com.au, accplush...@ycs.com.au, accplusq...@ycs.com.au, accplusu...@ycs.com.au, accplusw...@ycs.com.au, accplust...@ycs.com.au, accplusr...@ycs.com.au, accplusf...@ycs.com.au MIME-Version: 1.0 Importance: High Content-Type: text/html !DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.0 Transitional//EN HTMLHEAD META http-equiv=Content-Type content=text/html; charset=iso-8859-2 /HEAD BODYA foreign owned company is looking for Online Sales Administrator to assist in the day to day running of our outlet online.br br bDUTIES INCLUDE:/bbr Administrating day-to-day financial responsibilities for our clientsbr data inputbr capable to fast reply to all emails coming from your personal HRbr Managerbr Preparing brief summary reports, and weekly financial reportsbr br bSKILLS REQUIRED:/bbr 1. Keyboard Typing.br 2. basic Miscrosoft Office skills.br 3. constantly available on the phone during the daytimebr br bPREVIOUS EXPERIENCE OR TRAINING IN THE FOLLOWING WOULD BE AN ADVANTAGE/b:br Office administrationbr Call handlingbr Customer servicebr Typing and correspondencebr Email correspondencebr Research including web based researchbr Database managementbr br bHOURS:/bbr Mon to Fri 9am-3pm - Weekends as requiredbr Rate of pay by negotiation, minimum guaranteed GBP 1,500 PER MONTH.br br bLocation:/b AUSTRALIA ONLYbr bAGE:/b at least 18 year old, or olderbr br To apply please emailbof...@australia-resume.com/b/BODY/HTML -- ACTUAL EXAMPLE RECEIVED On 18/11/2010 7:05 PM, Tonix (Antonio Nati) wrote: Sorry, I don't understand problem, again. Are you receiving e-mails which SPF should not allow? Any of your accounts is sending out spam emails? Tonino Il 18/11/2010 07:05, Tony White ha scritto: Hi folks, Will this cure my issue, at least for now... 1. Have all my users use the QMT servers via SMTP-AUTH. 2. Set spf records to only allow my ip addresses to send mail for these domains. The original problem was/is... email being sent to my servers using valid/invalid accounts for domains that are on my servers. I wanted to verify the email address against valid ones to reduce the amount of spam. As an example I have apparently sent 1500 emails to my clients including myself each day for the last few days. Obviously this is not true. So doing the spf thing should stop those buggers from using my and other clients names to send email and they will need to have a username and password to validate before a send is accepted!. It would appear that the email accounts a very old. The emails that are arriving have 5-10 valid domain but valid/invalid users in the To Field. The same for CC and BCC. They are the same addresses in each section. On 18/11/2010 10:10 AM, Tonix (Antonio Nati) wrote: Il 17/11/2010 23:41, Eric Shubert ha scritto: On
[qmailtoaster] Re: re Invalid rcpthosts client email addresses sending emails to other rcpthosts clients
I agree, if you want to use SPF. Unless you can identify all of the mobile servers somehow. Perhaps by wildcard? I haven't looked at SPF recently. Can you do include bis.na.blackberry.com sort of thing? Tony, are you using spamdyke? Did you look into blacklisting your own domain? That'll work for messages coming into your server. Messages from mobile devices appear to come from the mobile domain account, so they don't get blacklisted. This doesn't help with forged addresses of your domain going to other servers, though I'm not sure that is (as) much of a problem. -- -Eric 'shubes' On 11/18/2010 01:43 AM, Tonix (Antonio Nati) wrote: I think you have no other choise, except forcing your customers to use your relay servers. Set up a dedicated IP where you accept only authenticated users (i.e. relay.ycs.com.au), and use the submission port (587) for accepting their emails in case mobile companies block sending to port 25. Regards, Tonino Il 18/11/2010 09:30, Tony White ha scritto: Hello, Yes I am receiving emails that SPF should not allow. BUT and it is a big BUT! I have clients that have mobile devices that use their mobile device ISP smtp server to send mail. If I make SPF only allow MY smtp servers then these folks cannot send mail from their mobile devices! No, none of my accounts are sending out spam emails. All emails are from smtp servers outside of my control. Sorry if I am wrong to do this here but I thought I might include one as an example... NB The ONLY valid email address is mine t...@ycs.com.au, all the others are rubbish! -- ACTUAL EXAMPLE RECEIVED From - Thu Nov 18 12:36:23 2010 X-Account-Key: account11 X-UIDL: 1290043761.13702.indialau.bigpuddle.net,S=2602 X-Mozilla-Status: 0011 X-Mozilla-Status2: X-Mozilla-Keys: Return-Path:bi...@gpdv.com.au Delivered-To: t...@ycs.com.au Received: (qmail 13700 invoked by uid 89); 18 Nov 2010 01:29:21 - Received: from unknown (HELO ?222.119.250.144?) (222.119.250.144) by indialau.bigpuddle.net with SMTP; 18 Nov 2010 01:29:20 - Received-SPF: none (indialau.bigpuddle.net: domain at gpdv.com.au does not designate permitted sender hosts) Received: from 222.119.250.144(helo=vkddebf.pnpxyhcbajz.info) by with esmtpa (Exim 4.69) (envelope-from ) id 1MM3A9-7030gu-RU for t...@ycs.com.au; Thu, 18 Nov 2010 10:29:20 +0900 To:t...@ycs.com.au, to...@ycs.com.au, stee...@ycs.com.au, accplusk...@ycs.com.au Cc:accpluss...@ycs.com.au, accpluse...@ycs.com.au, accplush...@ycs.com.au, accplusq...@ycs.com.au, accplusu...@ycs.com.au, accplusw...@ycs.com.au, accplust...@ycs.com.au, accplusr...@ycs.com.au, accplusf...@ycs.com.au Subject: Re: CV From:t...@ycs.com.au, to...@ycs.com.au, stee...@ycs.com.au, accplusk...@ycs.com.au Cc:accpluss...@ycs.com.au, accpluse...@ycs.com.au, accplush...@ycs.com.au, accplusq...@ycs.com.au, accplusu...@ycs.com.au, accplusw...@ycs.com.au, accplust...@ycs.com.au, accplusr...@ycs.com.au, accplusf...@ycs.com.au MIME-Version: 1.0 Importance: High Content-Type: text/html !DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.0 Transitional//EN HTMLHEAD META http-equiv=Content-Type content=text/html; charset=iso-8859-2 /HEAD BODYA foreign owned company is looking for Online Sales Administrator to assist in the day to day running of our outlet online.br br bDUTIES INCLUDE:/bbr Administrating day-to-day financial responsibilities for our clientsbr data inputbr capable to fast reply to all emails coming from your personal HRbr Managerbr Preparing brief summary reports, and weekly financial reportsbr br bSKILLS REQUIRED:/bbr 1. Keyboard Typing.br 2. basic Miscrosoft Office skills.br 3. constantly available on the phone during the daytimebr br bPREVIOUS EXPERIENCE OR TRAINING IN THE FOLLOWING WOULD BE AN ADVANTAGE/b:br Office administrationbr Call handlingbr Customer servicebr Typing and correspondencebr Email correspondencebr Research including web based researchbr Database managementbr br bHOURS:/bbr Mon to Fri 9am-3pm - Weekends as requiredbr Rate of pay by negotiation, minimum guaranteed GBP 1,500 PER MONTH.br br bLocation:/b AUSTRALIA ONLYbr bAGE:/b at least 18 year old, or olderbr br To apply please emailbof...@australia-resume.com/b/BODY/HTML -- ACTUAL EXAMPLE RECEIVED On 18/11/2010 7:05 PM, Tonix (Antonio Nati) wrote: Sorry, I don't understand problem, again. Are you receiving e-mails which SPF should not allow? Any of your accounts is sending out spam emails? Tonino Il 18/11/2010 07:05, Tony White ha scritto: Hi folks, Will this cure my issue, at least for now... 1. Have all my users use the QMT servers via SMTP-AUTH. 2. Set spf records to only allow my ip addresses to send mail for these domains. The original problem was/is... email being sent to my servers using valid/invalid accounts for domains that are on my servers. I wanted to verify the email address against valid ones to reduce the amount of spam. As an example I have apparently sent 1500 emails to my clients
Re: [qmailtoaster] Re: re Invalid rcpthosts client email addresses sending emails to other rcpthosts clients
Hi Eric, No I am not currently using spamdyke due to greylisting. On 19/11/2010 3:43 AM, Eric Shubert wrote: I agree, if you want to use SPF. Unless you can identify all of the mobile servers somehow. Perhaps by wildcard? I haven't looked at SPF recently. Can you do include bis.na.blackberry.com sort of thing? Tony, are you using spamdyke? Did you look into blacklisting your own domain? That'll work for messages coming into your server. Messages from mobile devices appear to come from the mobile domain account, so they don't get blacklisted. This doesn't help with forged addresses of your domain going to other servers, though I'm not sure that is (as) much of a problem. -- best wishes Tony White - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Re: re Invalid rcpthosts client email addresses sending emails to other rcpthosts clients
You can easily disable greylisting and still get a large benefit from the rest of spamdyke's filters. -- -Eric 'shubes' On 11/18/2010 05:27 PM, Tony White wrote: Hi Eric, No I am not currently using spamdyke due to greylisting. On 19/11/2010 3:43 AM, Eric Shubert wrote: I agree, if you want to use SPF. Unless you can identify all of the mobile servers somehow. Perhaps by wildcard? I haven't looked at SPF recently. Can you do include bis.na.blackberry.com sort of thing? Tony, are you using spamdyke? Did you look into blacklisting your own domain? That'll work for messages coming into your server. Messages from mobile devices appear to come from the mobile domain account, so they don't get blacklisted. This doesn't help with forged addresses of your domain going to other servers, though I'm not sure that is (as) much of a problem. - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: re Invalid rcpthosts client email addresses sending emails to other rcpthosts clients
Okay Eric, I will look at implementing it over the weekend. Thanks. On 19/11/2010 12:26 PM, Eric Shubert wrote: You can easily disable greylisting and still get a large benefit from the rest of spamdyke's filters. -- best wishes Tony White Yea Computing Services http://www.ycs.com.au 4 The Crescent Yea Victoria Australia 3717 Telephone No's VIC : 03 5797 3344 VIC : 03 9008 5614 TAS : 03 6107 9099 NT : 08 8921 4049 SA : 08 7123 0847 NSW : 02 8014 5547 QLD : 07 3123 6647 WA : 08 6365 2199 FAX : 03 9008 5610 (FAX2Email) FAX : 03 5797-3288 IMPORTANT NOTICE This communication including any file attachments is intended solely for the use of the individual or entity to whom it is addressed. If you are not the intended recipient, or the person responsible for delivering this communication to the intended recipient, please immediately notify the sender by email and delete the original transmission and its contents. Any unauthorised use, dissemination, forwarding, printing or copying of this communication including file attachments is prohibited. It is your responsibility to scan this communication including any file attachments for viruses and other defects. To the extent permitted by law, Yea Computing Services and its associates will not be liable for any loss or damage arising in any way from this communication including any file attachments. - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: re Invalid rcpthosts client email addresses sending emails to other rcpthosts clients
Yea Spamdyke.. youll never go back :) I love it.. Without it I would be pownd by spam. Back to killin zombies :) --Dave On 11/18/2010 7:39 PM, Tony White wrote: Okay Eric, I will look at implementing it over the weekend. Thanks. On 19/11/2010 12:26 PM, Eric Shubert wrote: You can easily disable greylisting and still get a large benefit from the rest of spamdyke's filters. -- David Milholen Project Engineer P:501-318-1300
[qmailtoaster] Re: re Invalid rcpthosts client email addresses sending emails to other rcpthosts clients
That's a problem all right. I don't expect that using the submission port would fix that either. The spfbehavior file should be separate for the submission port to make that happen. Ultimately, SPF should not be enforced for authenticated users. There has been some talk about implementing SPF in spamdyke (I've been a proponent of this). Perhaps we can nudge Sam and get it implemented there. That would solve the problem. -- -Eric 'shubes' On 11/17/2010 01:44 AM, Tony White wrote: Hi Martin, Found a big downside to it! Clients using their mobiles for email sending can no longer send from their mobile isp smtp server. Bugger thought I had it beat as well. On 17/11/2010 6:43 PM, Martin Waschbuesch wrote: Cool! Let us know whether it has any impact. The upside to this is that it will be harder for spammers to use your addresses to send to other domains as well - although it is of course possible to spoof the ip, too. At any rate I hope this works out for you! Martin -Ursprüngliche Nachricht- From: Tony White Sent: Wednesday, November 17, 2010 7:41 AM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] re Invalid rcpthosts client email addresses sending emails to other rcpthosts clients Hi Martin, Thank you for that explanation. I had used the old spf web utility to create the record you saw. It would appear that that site is now the OLD one and the new one does in fact do things differently now. Thank you for your help, I have changed a single domain as of now to test it before changing them all. The site http://old.openspf.org/wizard.html, if you have time to look at it, does offer only the ~all option and if I had read the final page fully it proves you are absolutely correct with your assessment. Thanks again. On 17/11/2010 5:24 PM, Martin Waschbuesch wrote: Hi Tony, OK, this *might* be something you should change. The way to read the record is this: The listed IP addresses are authorized to send mail for that domain. All others are not. HOWEVER, the '~all' tells recipients to treat this as a soft fail and is supposed to be used for testing purposes. A lot of recipients will accept mail from other hosts under this condition. You might consider replacing it with this '-all'. Fyi an excerpt from wikipedia: + for a PASS result. This can be omitted; e.g., +mx is the same as mx. ? for a NEUTRAL result interpreted like NONE (no policy). ~ for SOFTFAIL, a debugging aid between NEUTRAL and FAIL. Typically, messages that return a SOFTFAIL are accepted but tagged. - for FAIL, the mail should be rejected (see below). Martin -Ursprüngliche Nachricht- From: Tony White Sent: Wednesday, November 17, 2010 1:46 AM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] re Invalid rcpthosts client email addresses sending emails to other rcpthosts clients Hi Michael, A dig reveals this... ycs.com.au. 7200 IN TXT v=spf1 a mx ip4:111.223.234.146 ip4:125.168.12.213 ip4:125.168.254.24 ~all On 16/11/2010 6:07 PM, Martin Waschbüsch wrote: What's the SPF record say? It should list the IPs and some options... Von meinem iPhone gesendet Am 16.11.2010 um 07:26 schrieb Tony Whitet...@ycs.com.au: Hello Martin, Thank you for your reply! I will investigate domainkeys now but the SPF has been implemented for some time now... On 16/11/2010 5:11 PM, Martin Waschbüsch wrote: SPF and domainkeys can be used to do this. The policy for SPF could be set to designating only your ip as valid and the skim/domainkeys policy be set to 'all messages are signed'. That should guarantee that your server will correctly identify these mails as forgery. However, check your rules in tcp.smtp - if one of your clients spams due to virus etc., that might bypass all protections depending on the settings... Von meinem iPhone gesendet Am 16.11.2010 um 04:43 schrieb Tony Whitet...@ycs.com.au: Hello, Is there a way of verifying the From address that claims to be from one of the domains hosted here is a valid email address? There has been an increase of spam using one or more the domains hosted on my servers. I am still searching the web but no searches found yet! -- best wishes Tony White - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers
Re: [qmailtoaster] Re: re Invalid rcpthosts client email addresses sending emails to other rcpthosts clients
I'd like to see SPF in spamdyke. Martin -Ursprüngliche Nachricht- From: Eric Shubert Sent: Wednesday, November 17, 2010 3:56 PM To: qmailtoaster-list@qmailtoaster.com Subject: [qmailtoaster] Re: re Invalid rcpthosts client email addresses sending emails to other rcpthosts clients That's a problem all right. I don't expect that using the submission port would fix that either. The spfbehavior file should be separate for the submission port to make that happen. Ultimately, SPF should not be enforced for authenticated users. There has been some talk about implementing SPF in spamdyke (I've been a proponent of this). Perhaps we can nudge Sam and get it implemented there. That would solve the problem. -- -Eric 'shubes' On 11/17/2010 01:44 AM, Tony White wrote: Hi Martin, Found a big downside to it! Clients using their mobiles for email sending can no longer send from their mobile isp smtp server. Bugger thought I had it beat as well. On 17/11/2010 6:43 PM, Martin Waschbuesch wrote: Cool! Let us know whether it has any impact. The upside to this is that it will be harder for spammers to use your addresses to send to other domains as well - although it is of course possible to spoof the ip, too. At any rate I hope this works out for you! Martin -Ursprüngliche Nachricht- From: Tony White Sent: Wednesday, November 17, 2010 7:41 AM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] re Invalid rcpthosts client email addresses sending emails to other rcpthosts clients Hi Martin, Thank you for that explanation. I had used the old spf web utility to create the record you saw. It would appear that that site is now the OLD one and the new one does in fact do things differently now. Thank you for your help, I have changed a single domain as of now to test it before changing them all. The site http://old.openspf.org/wizard.html, if you have time to look at it, does offer only the ~all option and if I had read the final page fully it proves you are absolutely correct with your assessment. Thanks again. On 17/11/2010 5:24 PM, Martin Waschbuesch wrote: Hi Tony, OK, this *might* be something you should change. The way to read the record is this: The listed IP addresses are authorized to send mail for that domain. All others are not. HOWEVER, the '~all' tells recipients to treat this as a soft fail and is supposed to be used for testing purposes. A lot of recipients will accept mail from other hosts under this condition. You might consider replacing it with this '-all'. Fyi an excerpt from wikipedia: + for a PASS result. This can be omitted; e.g., +mx is the same as mx. ? for a NEUTRAL result interpreted like NONE (no policy). ~ for SOFTFAIL, a debugging aid between NEUTRAL and FAIL. Typically, messages that return a SOFTFAIL are accepted but tagged. - for FAIL, the mail should be rejected (see below). Martin -Ursprüngliche Nachricht- From: Tony White Sent: Wednesday, November 17, 2010 1:46 AM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] re Invalid rcpthosts client email addresses sending emails to other rcpthosts clients Hi Michael, A dig reveals this... ycs.com.au. 7200 IN TXT v=spf1 a mx ip4:111.223.234.146 ip4:125.168.12.213 ip4:125.168.254.24 ~all On 16/11/2010 6:07 PM, Martin Waschbüsch wrote: What's the SPF record say? It should list the IPs and some options... Von meinem iPhone gesendet Am 16.11.2010 um 07:26 schrieb Tony Whitet...@ycs.com.au: Hello Martin, Thank you for your reply! I will investigate domainkeys now but the SPF has been implemented for some time now... On 16/11/2010 5:11 PM, Martin Waschbüsch wrote: SPF and domainkeys can be used to do this. The policy for SPF could be set to designating only your ip as valid and the skim/domainkeys policy be set to 'all messages are signed'. That should guarantee that your server will correctly identify these mails as forgery. However, check your rules in tcp.smtp - if one of your clients spams due to virus etc., that might bypass all protections depending on the settings... Von meinem iPhone gesendet Am 16.11.2010 um 04:43 schrieb Tony Whitet...@ycs.com.au: Hello, Is there a way of verifying the From address that claims to be from one of the domains hosted here is a valid email address? There has been an increase of spam using one or more the domains hosted on my servers. I am still searching the web but no searches found yet! -- best wishes Tony White - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr
[qmailtoaster] Re: re Invalid rcpthosts client email addresses sending emails to other rcpthosts clients
Please bring it up on the spamdyke list (gmane.mail.spam.spamdyke.user). Thanks Martin. -- -Eric 'shubes' On 11/17/2010 08:44 AM, Martin Waschbuesch wrote: I'd like to see SPF in spamdyke. Martin -Ursprüngliche Nachricht- From: Eric Shubert Sent: Wednesday, November 17, 2010 3:56 PM To: qmailtoaster-list@qmailtoaster.com Subject: [qmailtoaster] Re: re Invalid rcpthosts client email addresses sending emails to other rcpthosts clients That's a problem all right. I don't expect that using the submission port would fix that either. The spfbehavior file should be separate for the submission port to make that happen. Ultimately, SPF should not be enforced for authenticated users. There has been some talk about implementing SPF in spamdyke (I've been a proponent of this). Perhaps we can nudge Sam and get it implemented there. That would solve the problem. - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: re Invalid rcpthosts client email addresses sending emails to other rcpthosts clients
Il 17/11/2010 15:56, Eric Shubert ha scritto: That's a problem all right. I don't expect that using the submission port would fix that either. The spfbehavior file should be separate for the submission port to make that happen. Ultimately, SPF should not be enforced for authenticated users. There has been some talk about implementing SPF in spamdyke (I've been a proponent of this). Perhaps we can nudge Sam and get it implemented there. That would solve the problem. Sorry I do not understand the problem: as far as I see SPF must be disabled on submission port and for authenticated users, otherwise none could give to authorized servers e-mails to relay. Sources I'm using for qmail-smtpd check SPF only if RELAYCLIENT is not set. Regards, Tonino -- in...@zioniInterazioni di Antonio Nati http://www.interazioni.it to...@interazioni.it - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Re: re Invalid rcpthosts client email addresses sending emails to other rcpthosts clients
On 11/17/2010 03:30 PM, Tonix (Antonio Nati) wrote: Il 17/11/2010 15:56, Eric Shubert ha scritto: That's a problem all right. I don't expect that using the submission port would fix that either. The spfbehavior file should be separate for the submission port to make that happen. Ultimately, SPF should not be enforced for authenticated users. There has been some talk about implementing SPF in spamdyke (I've been a proponent of this). Perhaps we can nudge Sam and get it implemented there. That would solve the problem. Sorry I do not understand the problem: as far as I see SPF must be disabled on submission port and for authenticated users, otherwise none could give to authorized servers e-mails to relay. Sources I'm using for qmail-smtpd check SPF only if RELAYCLIENT is not set. Regards, Tonino I believe Tonino's correct. On second thought, I misunderstood the problem. The problem is that mobile users submit email via the mobile smtp service, and don't come through QMT. Those servers would somehow need to be included in the SPF record. It has nothing to do with QMT (which is what creates the problem, somewhat ironically). Thanks for making me think about this a little more, Tonino. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: re Invalid rcpthosts client email addresses sending emails to other rcpthosts clients
Il 17/11/2010 23:41, Eric Shubert ha scritto: On 11/17/2010 03:30 PM, Tonix (Antonio Nati) wrote: Il 17/11/2010 15:56, Eric Shubert ha scritto: That's a problem all right. I don't expect that using the submission port would fix that either. The spfbehavior file should be separate for the submission port to make that happen. Ultimately, SPF should not be enforced for authenticated users. There has been some talk about implementing SPF in spamdyke (I've been a proponent of this). Perhaps we can nudge Sam and get it implemented there. That would solve the problem. Sorry I do not understand the problem: as far as I see SPF must be disabled on submission port and for authenticated users, otherwise none could give to authorized servers e-mails to relay. Sources I'm using for qmail-smtpd check SPF only if RELAYCLIENT is not set. Regards, Tonino I believe Tonino's correct. On second thought, I misunderstood the problem. The problem is that mobile users submit email via the mobile smtp service, and don't come through QMT. Those servers would somehow need to be included in the SPF record. It has nothing to do with QMT (which is what creates the problem, somewhat ironically). I feel when using SPF you have no other choice than relaying to ISP servers. Adding all possible SMTP servers of mobile operator is out of our possibility :-). Ciao! Tonino -- in...@zioniInterazioni di Antonio Nati http://www.interazioni.it to...@interazioni.it - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: re Invalid rcpthosts client email addresses sending emails to other rcpthosts clients
Hi folks, Will this cure my issue, at least for now... 1. Have all my users use the QMT servers via SMTP-AUTH. 2. Set spf records to only allow my ip addresses to send mail for these domains. The original problem was/is... email being sent to my servers using valid/invalid accounts for domains that are on my servers. I wanted to verify the email address against valid ones to reduce the amount of spam. As an example I have apparently sent 1500 emails to my clients including myself each day for the last few days. Obviously this is not true. So doing the spf thing should stop those buggers from using my and other clients names to send email and they will need to have a username and password to validate before a send is accepted!. It would appear that the email accounts a very old. The emails that are arriving have 5-10 valid domain but valid/invalid users in the To Field. The same for CC and BCC. They are the same addresses in each section. On 18/11/2010 10:10 AM, Tonix (Antonio Nati) wrote: Il 17/11/2010 23:41, Eric Shubert ha scritto: On 11/17/2010 03:30 PM, Tonix (Antonio Nati) wrote: Il 17/11/2010 15:56, Eric Shubert ha scritto: That's a problem all right. I don't expect that using the submission port would fix that either. The spfbehavior file should be separate for the submission port to make that happen. Ultimately, SPF should not be enforced for authenticated users. There has been some talk about implementing SPF in spamdyke (I've been a proponent of this). Perhaps we can nudge Sam and get it implemented there. That would solve the problem. Sorry I do not understand the problem: as far as I see SPF must be disabled on submission port and for authenticated users, otherwise none could give to authorized servers e-mails to relay. Sources I'm using for qmail-smtpd check SPF only if RELAYCLIENT is not set. Regards, Tonino I believe Tonino's correct. On second thought, I misunderstood the problem. The problem is that mobile users submit email via the mobile smtp service, and don't come through QMT. Those servers would somehow need to be included in the SPF record. It has nothing to do with QMT (which is what creates the problem, somewhat ironically). I feel when using SPF you have no other choice than relaying to ISP servers. Adding all possible SMTP servers of mobile operator is out of our possibility :-). Ciao! Tonino -- best wishes Tony White Yea Computing Services http://www.ycs.com.au 4 The Crescent Yea Victoria Australia 3717 Telephone No's VIC : 03 5797 3344 VIC : 03 9008 5614 TAS : 03 6107 9099 NT : 08 8921 4049 SA : 08 7123 0847 NSW : 02 8014 5547 QLD : 07 3123 6647 WA : 08 6365 2199 FAX : 03 9008 5610 (FAX2Email) FAX : 03 5797-3288 IMPORTANT NOTICE This communication including any file attachments is intended solely for the use of the individual or entity to whom it is addressed. If you are not the intended recipient, or the person responsible for delivering this communication to the intended recipient, please immediately notify the sender by email and delete the original transmission and its contents. Any unauthorised use, dissemination, forwarding, printing or copying of this communication including file attachments is prohibited. It is your responsibility to scan this communication including any file attachments for viruses and other defects. To the extent permitted by law, Yea Computing Services and its associates will not be liable for any loss or damage arising in any way from this communication including any file attachments. - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Re: re Invalid rcpthosts client email addresses sending emails to other rcpthosts clients
On 11/15/2010 08:43 PM, Tony White wrote: Hello, Is there a way of verifying the From address that claims to be from one of the domains hosted here is a valid email address? There has been an increase of spam using one or more the domains hosted on my servers. I am still searching the web but no searches found yet! The best way I've found to block these is by blacklisting your local domain(s) with spamdyke. http://wiki.qmailtoaster.com/index.php/Prevent_Spam_from_valid_sender/recipient -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: re Invalid rcpthosts client email addresses sending emails to other rcpthosts clients
Hello Eric, Thank you, I will investigate today! On 16/11/2010 11:40 PM, Eric Shubert wrote: On 11/15/2010 08:43 PM, Tony White wrote: Hello, Is there a way of verifying the From address that claims to be from one of the domains hosted here is a valid email address? There has been an increase of spam using one or more the domains hosted on my servers. I am still searching the web but no searches found yet! The best way I've found to block these is by blacklisting your local domain(s) with spamdyke. http://wiki.qmailtoaster.com/index.php/Prevent_Spam_from_valid_sender/recipient -- best wishes Tony White - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
