Re: Whitelist and DNS blacklists in SpamAssassin
Per Jessen skrev den 2013-02-06 08:37: For me that creates too much traffic, unfortunately. use spf test before reject_unverified_sender reduce this problem here was the plan not to get it up again ? See the other postings about http://www.rfc-ignorant.de/ - someone is working on it. yep, if i can help i like to do it I also had plans to continue it, but I simply don't have the time to commit. yes this is the part i wish more take time to do, but lifes continues anyway
Re: Whitelist and DNS blacklists in SpamAssassin
Matus UHLAR - fantomas skrev den 2013-02-04 09:25: port 25 open. There are multiple ways to detect dynamic IPs (rDNS patterns, PBL, SORBS-DUL, MAPS-DYNA) which I found more safe than TCP port 25 open. On 04.02.13 17:27, Benny Pedersen wrote: i never write only but my point is that if port 25 is open, is it then still dynamic ? if an IP is dynamic, it does not matter whether it has port 25 open. I gave good examples why it should not be whitelisted. Not all ISPs block incoming port 25... i did not say its not more test to do well I don't see a reason to test for port 25 open, maybe to block open relays and/or SMTP redirect on misconfigured routers... This is what e.g. rfci-ignorant or many other rhsbl blacklists are for. thay are dead they are alive on rfc-ignorant.de :-) -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Where do you want to go to die? [Microsoft]
Re: Whitelist and DNS blacklists in SpamAssassin
Matus UHLAR - fantomas wrote: Matus UHLAR - fantomas skrev den 2013-02-04 09:25: port 25 open. There are multiple ways to detect dynamic IPs (rDNS patterns, PBL, SORBS-DUL, MAPS-DYNA) which I found more safe than TCP port 25 open. On 04.02.13 17:27, Benny Pedersen wrote: i never write only but my point is that if port 25 is open, is it then still dynamic ? if an IP is dynamic, it does not matter whether it has port 25 open. I gave good examples why it should not be whitelisted. Not all ISPs block incoming port 25... i did not say its not more test to do well I don't see a reason to test for port 25 open, maybe to block open relays and/or SMTP redirect on misconfigured routers... This is what e.g. rfci-ignorant or many other rhsbl blacklists are for. thay are dead they are alive on rfc-ignorant.de :-) Resurrected perhaps, but not quite alive. -- Per Jessen, Zürich (-0.1°C) http://www.dns24.ch/ - free DNS hosting, made in Switzerland.
Re: Whitelist and DNS blacklists in SpamAssassin
On Tue, Feb 5, 2013 at 8:27 AM, Per Jessen p...@computer.org wrote: This is what e.g. rfci-ignorant or many other rhsbl blacklists are for. rfc-ignorant has gone off-line. http://www.rfc-ignorant.de/ -- Matthias
Re: Whitelist and DNS blacklists in SpamAssassin
Matthias Leisi wrote: On Tue, Feb 5, 2013 at 8:27 AM, Per Jessen p...@computer.org wrote: This is what e.g. rfci-ignorant or many other rhsbl blacklists are for. rfc-ignorant has gone off-line. http://www.rfc-ignorant.de/ -- Matthias Thanks, I didn't know someone had decided to continue the project. I suggested it on the rfc-ignorant mailing list but there wasn't much interest. -- Per Jessen, Zürich (7.5°C) http://www.dns24.ch/ - free DNS hosting, made in Switzerland.
Re: Whitelist and DNS blacklists in SpamAssassin
On 2/5/2013 6:22 AM, Per Jessen wrote: http://www.rfc-ignorant.de/ -- Matthias Thanks, I didn't know someone had decided to continue the project. I suggested it on the rfc-ignorant mailing list but there wasn't much interest. Interesting and good news!... but their home page states that their zones are not yet populated. So I guess they are not yet operational yet? (or maybe the site messages is out of date?) -- Rob McEwen http://dnsbl.invaluement.com/ r...@invaluement.com +1 (478) 475-9032
Re: Whitelist and DNS blacklists in SpamAssassin
Per Jessen skrev den 2013-02-05 08:27: rfc-ignorant has gone off-line. thats why i choiced to use reject_unverified_sender in postfix, and yes i know it can be abused, but it solves more problems then it creates for me was the plan not to get it up again ?
Re: Whitelist and DNS blacklists in SpamAssassin
Matthias Leisi skrev den 2013-02-05 10:43: rfc-ignorant has gone off-line. http://www.rfc-ignorant.de/ will it not be added to spamassassin rules ? is the old rules still in rules out there ? i have not followed progress on that, have being away from maillist for long time now
Re: Whitelist and DNS blacklists in SpamAssassin
Benny Pedersen wrote: Per Jessen skrev den 2013-02-05 08:27: rfc-ignorant has gone off-line. thats why i choiced to use reject_unverified_sender in postfix, and yes i know it can be abused, but it solves more problems then it creates for me For me that creates too much traffic, unfortunately. was the plan not to get it up again ? See the other postings about http://www.rfc-ignorant.de/ - someone is working on it. I also had plans to continue it, but I simply don't have the time to commit. -- Per Jessen, Zürich (0.5°C) http://www.dns24.ch/ - free DNS hosting, made in Switzerland.
Re: Whitelist and DNS blacklists in SpamAssassin
Matus UHLAR - fantomas skrev den 2013-02-03 20:41: only whitelist dynamic ips if there is port 25 open on it, so any open relay and SMTP redirect gets whitelisted? On 04.02.13 00:55, Benny Pedersen wrote: nope, if port 25 is open, its another problem, in the way that is could be static ip, with a dynamic hostname / reverse dns, but it depends on what mail this dynmic ip want to accept Well, if a port 25 is open on dynamic IP, it COULD be open relay or SMTP redirect. If we decide an IP is dynamic (or should not be used for mail, see spamhaus PBL policy), we should NOT whitelist it just because IP has port 25 open. There are multiple ways to detect dynamic IPs (rDNS patterns, PBL, SORBS-DUL, MAPS-DYNA) which I found more safe than TCP port 25 open. complicated yes, seem from my own logs is that some domains just setup mx records, to have abality to send email, but when trying send to this mx postmaster or abuse does not exists or mx host does not accept recipient domain, seen here relay denied, and connection refused This is what e.g. rfci-ignorant or many other rhsbl blacklists are for. fair i just tempfail that sender so with old postfix reject_unverified_sender, its less work to whitelist sender domains if sender is known to not want mail back -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Micro$oft random number generator: 0, 0, 0, 4.33e+67, 0, 0, 0...
Re: Whitelist and DNS blacklists in SpamAssassin
Matus UHLAR - fantomas skrev den 2013-02-04 09:25: port 25 open. There are multiple ways to detect dynamic IPs (rDNS patterns, PBL, SORBS-DUL, MAPS-DYNA) which I found more safe than TCP port 25 open. i never write only but my point is that if port 25 is open, is it then still dynamic ? i did not say its not more test to do This is what e.g. rfci-ignorant or many other rhsbl blacklists are for. thay are dead
Re: Whitelist and DNS blacklists in SpamAssassin
Matus UHLAR - fantomas wrote: Matus UHLAR - fantomas skrev den 2013-02-03 20:41: only whitelist dynamic ips if there is port 25 open on it, so any open relay and SMTP redirect gets whitelisted? On 04.02.13 00:55, Benny Pedersen wrote: nope, if port 25 is open, its another problem, in the way that is could be static ip, with a dynamic hostname / reverse dns, but it depends on what mail this dynmic ip want to accept Well, if a port 25 is open on dynamic IP, it COULD be open relay or SMTP redirect. If we decide an IP is dynamic (or should not be used for mail, see spamhaus PBL policy), we should NOT whitelist it just because IP has port 25 open. There are multiple ways to detect dynamic IPs (rDNS patterns, PBL, SORBS-DUL, MAPS-DYNA) which I found more safe than TCP port 25 open. complicated yes, seem from my own logs is that some domains just setup mx records, to have abality to send email, but when trying send to this mx postmaster or abuse does not exists or mx host does not accept recipient domain, seen here relay denied, and connection refused This is what e.g. rfci-ignorant or many other rhsbl blacklists are for. rfc-ignorant has gone off-line. -- Per Jessen, Zürich (7.7°C) http://www.dns24.ch/ - free DNS hosting, made in Switzerland.
Re: Whitelist and DNS blacklists in SpamAssassin
Robert Schetterer skrev den 2013-01-26 08:22: as wrote, there is always a chance to whitelist something, but big mailplayers dont do it or cant do by tec reasons i.e if your sednded mail is comming from dynips it makes less sense dynip should NOT be used for mail sending (without SMTP auth) to whitelist them, some stuff is more easy fixed at the sender i.e sending via relay etc On 01.02.13 20:02, Benny Pedersen wrote: only whitelist dynamic ips if there is port 25 open on it, so any open relay and SMTP redirect gets whitelisted? if its not then its not a smtpd auth relay server, if it was it would be sending from an blacklisted ip (dynamic) even if senders used smtpd auth it would not help senders clients that use smtpd auth is mostly using dynamic ips to static ips to relay there mails, and that static ip is not listed for spamming on dnsbl hopefully clients that do SMTP auth should be exempted from blacklisting/whitelisting. (if you don't trust SMTP auth from an IP, simply don't allow the connection at all) -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. 10 GOTO 10 : REM (C) Bill Gates 1998, All Rights Reserved!
Re: Whitelist and DNS blacklists in SpamAssassin
Matus UHLAR - fantomas skrev den 2013-02-03 20:41: only whitelist dynamic ips if there is port 25 open on it, so any open relay and SMTP redirect gets whitelisted? nope, if port 25 is open, its another problem, in the way that is could be static ip, with a dynamic hostname / reverse dns, but it depends on what mail this dynmic ip want to accept complicated yes, seem from my own logs is that some domains just setup mx records, to have abality to send email, but when trying send to this mx postmaster or abuse does not exists or mx host does not accept recipient domain, seen here relay denied, and connection refused, fair i just tempfail that sender so with old postfix reject_unverified_sender, its less work to whitelist sender domains if sender is known to not want mail back
Re: Whitelist and DNS blacklists in SpamAssassin
Robert Schetterer skrev den 2013-01-26 08:22: as wrote, there is always a chance to whitelist something, but big mailplayers dont do it or cant do by tec reasons i.e if your sednded mail is comming from dynips it makes less sense to whitelist them, some stuff is more easy fixed at the sender i.e sending via relay etc only whitelist dynamic ips if there is port 25 open on it, if its not then its not a smtpd auth relay server, if it was it would be sending from an blacklisted ip (dynamic) even if senders used smtpd auth it would not help senders clients that use smtpd auth is mostly using dynamic ips to static ips to relay there mails, and that static ip is not listed for spamming on dnsbl hopefully
Re: Whitelist and DNS blacklists in SpamAssassin
Robert Schetterer skrev den 2013-01-26 08:26: there is less you can do, if your mail provider does not give you chance to change antispam settings yourself i.e. in some gui and/or he is not willing to change it for you i begin to wonder how gmail handle it :=)
Whitelist and DNS blacklists in SpamAssassin
Hello, I have a question concerning whitelist and blacklist in SpamAssassin. Our mail provider uses online DNS blacklists. One of my clients uses mail provider whose IP addresses are almost all time on some blacklist and therefore I can't receive emails from him. So my question is: Is it possible to still use DNS blacklists and add domain of my client to whitelist? Will it work? From info what I've read I'm not sure... Or do DNS blacklists have higher priority and whitelist will not help me in my case? Thank you for help, Mario -- View this message in context: http://spamassassin.1065346.n5.nabble.com/Whitelist-and-DNS-blacklists-in-SpamAssassin-tp103262.html Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: Whitelist and DNS blacklists in SpamAssassin
On Fri, 25 Jan 2013, mario21 wrote: Hello, I have a question concerning whitelist and blacklist in SpamAssassin. Our mail provider uses online DNS blacklists. One of my clients uses mail provider whose IP addresses are almost all time on some blacklist and therefore I can't receive emails from him. So my question is: Is it possible to still use DNS blacklists and add domain of my client to whitelist? Will it work? From info what I've read I'm not sure... Or do DNS blacklists have higher priority and whitelist will not help me in my case? Thank you for help, Mario -- View this message in context: http://spamassassin.1065346.n5.nabble.com/Whitelist-and-DNS-blacklists-in-SpamAssassin-tp103262.html Sent from the SpamAssassin - Users mailing list archive at Nabble.com. Normally the answer would be no. This depends on how your mail provider is using the dns blacklists. For instance my mail provider queries several blacklists and will block connections from ip's on those lists well before spamassassin is called to parse the message. The only effect changing your whitelist/blacklist settings would have is if the blacklist queries occur inside of spamassassin. Your client would be well served to find a new email provider that doesn't have so many issues being on ip based blacklists. Ted Hatfield
Re: Whitelist and DNS blacklists in SpamAssassin
On Fri, 25 Jan 2013, mario21 wrote: Thank you for your replies guys. The emails are blocked by my mail provider (ISP is different from my mail provider). I already tried to contact him but I would like to know more... He told me that DNS blacklists have higher priority and he can't do anything about it while the sender is blacklisted. So I would like to know whether there is a possibility to resolve my problem - I can't tell my client sorry, you have to change your mail provider although it's true... -- The only way to resolve this issue is to ask your mail provider to whitelist your email address from his dns/blacklist checks. If he can do this then that should solve your problem. However, if he does this it will affect the amount of spam you receive. DNSBL checks aren't perfect but they do block a lot of spam attempts. Ted Hatfield
Re: Whitelist and DNS blacklists in SpamAssassin
mario21 skrev den 2013-01-25 21:53: Thank you for your replies guys. The emails are blocked by my mail provider (ISP is different from my mail provider). I already tried to contact him but I would like to know more... He told me that DNS blacklists have higher priority and he can't do anything about it while the sender is blacklisted. with domain ? So I would like to know whether there is a possibility to resolve my problem - I can't tell my client sorry, you have to change your mail provider although it's true... dnsbl is only ip, not domains so what is blacklisted ip or domain ? whitelist sender ip is dump, since one ip can send with multi domains more info gets more help
Re: Whitelist and DNS blacklists in SpamAssassin
Yes Ted, I was thinking about the same but I'm afraid about more spam... Benny - blocked is IP address (usually whole range of IP addresses). My client uses a mail provider whose almost all IP addresses are very often blacklisted (I checked it via http://mxtoolbox.com/). But my client doesn't send spam, he just uses affected SMTP server (what I know, his mail provider is his ISP). Therefore I can't receive his email. I know that it is problem of sender's mail provider, but I would like to resolve it on my side if it's possible... -- View this message in context: http://spamassassin.1065346.n5.nabble.com/Whitelist-and-DNS-blacklists-in-SpamAssassin-tp103262p103271.html Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: Whitelist and DNS blacklists in SpamAssassin
On Fri, 25 Jan 2013, mario21 wrote: Yes Ted, I was thinking about the same but I'm afraid about more spam... Benny - blocked is IP address (usually whole range of IP addresses). My client uses a mail provider whose almost all IP addresses are very often blacklisted (I checked it via http://mxtoolbox.com/). But my client doesn't send spam, he just uses affected SMTP server (what I know, his mail provider is his ISP). Therefore I can't receive his email. I know that it is problem of sender's mail provider, but I would like to resolve it on my side if it's possible... -- You need to show the sender proof that his ip address is blocked and hopefully how often it is. He at least needs to complain to his isp about the fact that people who he sends to can't get his email. I guarantee that if you aren't receiving it there are others who aren't either. Ted Hatfield
Re: Whitelist and DNS blacklists in SpamAssassin
Am 25.01.2013 21:53, schrieb mario21: Thank you for your replies guys. The emails are blocked by my mail provider (ISP is different from my mail provider). I already tried to contact him but I would like to know more... He told me that DNS blacklists have higher priority and he can't do anything about it while the sender is blacklisted. So I would like to know whether there is a possibility to resolve my problem - I can't tell my client sorry, you have to change your mail provider although it's true... as wrote, there is always a chance to whitelist something, but big mailplayers dont do it or cant do by tec reasons i.e if your sednded mail is comming from dynips it makes less sense to whitelist them, some stuff is more easy fixed at the sender i.e sending via relay etc -- View this message in context: http://spamassassin.1065346.n5.nabble.com/Whitelist-and-DNS-blacklists-in-SpamAssassin-tp103262p103267.html Sent from the SpamAssassin - Users mailing list archive at Nabble.com. Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich
Re: Whitelist and DNS blacklists in SpamAssassin
Am 25.01.2013 23:57, schrieb mario21: but I would like to resolve it on my side if it's possible... there is less you can do, if your mail provider does not give you chance to change antispam settings yourself i.e. in some gui and/or he is not willing to change it for you Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich