This problem seems to exist really, I've it too 8-(
I'm sure there is no error within the setup or the configuration. But - I
found a really
interesting thing: This problems seems only to occur if 'reject-empty-rdns' is
disabled.
If reject-empty-rdns is enabled, all seems to be fine.
Play
7;qtp-prune-graylist' script to delete zero length files
instead of graylist-max-secs= time after 24h. Is there any argument not to do
this ?
Lutz Petersen
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users
I'm in trouble understanding what happens when spamdyke detects an rbl match
and how it generates the error message that is sending back to the blocked
client. The configuration is simple:
dns-blacklist-entry=one.rbl.here
There is no 'rejection-text-dns-blacklist' defined, so it should do the
> > Hi there. what is the correct format for the whitelist_senders file?
> > I want to whitelist an entire domain with a borked DNS in the whitelist..
> > Do I do
> > *@abc.com
> > or just
> > abc.com
Both in whitelist as in blacklist you can only do 2 kinds of entries, full
email-addre
> Can I write something like: shiptrade*@mobileemail.vodafone.gr and
> hope that it gets understood to mean shiptrade1, shiptrade2, etc?
No, see: http://www.mail-archive.com/spamdyke-users@spamdyke.org/msg03284.html
___
spamdyke-users mailing lis
> spamdyke will use the one that arrives first
Aah, you're right, thanks a lot! You don't believe how long I debugged all the
rbl setup etc. - and the reason is so simple..
So, I changed the setup (spamdyke.conf) to this:
## only query txt-records, reducing dns-load as a side-effect:
dns-query
rg/documentation/README.html#LOG
The answer2: put following in your spamdyke.conf:
# log-level=info# production..
log-level=verbose # debugging..
Lutz Petersen
___
spamdyke-users mailing list
spamdyke-users@s
I would have a simple (!?) wish modifying rulesets. Espacially the rulesets for
example this:
ip-in-rdns-keyword-blacklist-entry=.accesskenya.com
This normally matches any rdns within *.accesskenya.com that contains the ip
address, a very effective feature. Now I would like this feature, but _
Sam, that works fine, thank you.
I told Santa Claus he shouldn't forget to visit you,, ;)
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users
> Has anyone here used junkemailfilter.com's DNS blacklist
You may use these in spamassassin. Using them in spamdyke you have
the problem that the zones contains different return-codes within
a zone. As I believe there is no option in spamdyke to limit rbl
or rwl etc. lookups to a specific return
Hi,
in the last days I see a huge amount of spam mails with a
leading Pipe-Char ^| in the senders address.
Is there a simple way to block those sender addresses within
spamdyke ?
Lutz
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http:/
> I'm not sure how easily spamdyke can do it, but qmail can:
> # echo "^|" >> /var/qmail/control/badmailfrom
Ah, just so simple - thanks..
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-use
> Just to repeat my position, I think for consistency and security's sake,
> whitelisted connections should have no effect on relaying.
I agree. And that is the reason why it is _always_ a good idea to
have different servers - those who takes mail from extern sites,
and those that are used by u
very day) was to add this single recipient
address not in spamdyke but in qmail's badmailfrom file.
Lutz Petersen
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Believe me, there are good reasons to use whitelists within spamdyke
on bigger installations. Not because I'ld like yahuh, hotfail or so.
In the last time I see a trend that more and more spam seems to be
send out via mailservers from well known carriers/isps. The botnet
driven sites mainly go dir
> If there is a "sender-blacklist-always" option, there should be
> a "sender-whitelist-always" option as well. If they both exist,
> which one takes priority?
Right, I understand the problem..
I now made a solution with entries in qmails badmailfrom, we
use a qmail version with these additions
> There is already a way to block identical sender and recipients with
> spamdyke. I think it would also be fine to have this for the domain part:
> Deny if from: x...@domain.tld to: a...@domain.tld
Be careful with all these. We ran into trouble because customer mails
became blocked. Those wher
> > Be careful with all these. We ran into trouble because customer mails
> > became blocked. Those where mails from external employees that send out
> > their mail elsewhere (with ..@customer.tld). And there where a lot of
> > similar cases so that we had to disable those rules.
>
> Well, it sho
> So you are trying to say it's ok if your customers use random **SMTP servers
> outside** as relays and you allow such mails in?
What I first noticed was a simple warning if using this feature
there can be circumstances that gives trouble. Not more, not less.
Anyone decide for himself which opti
> I still not get what you are talking here. If you set spamdyke to reject
> mail with same sender and receipient domain and your users do auth
> prior sending then they will bypass this filter while forged mails
> would be dropped. No problems at all.
Such only would work if you have a single ma
I didn't wished to make a philosophical discussion, just my 4 cents ;-)
Over all I believe that same sender<>recipient always isn't such a
great problem. Most of those mails will be catched before by other
filter mechanisms. Those which left are not really much.
There are other things that hurry
Today I see a curious thing:
Oct 16 23:23:27 FILTER_RBL_MATCH ip: 109.251.217.146 rbl: cbl.abuseat.org
Oct 16 23:23:29 ALLOWED from: aalto.jacksonwv...@douglas.de to: x...@xx.xx
origin_ip: 109.251.217.146 origin_rdns: 109.251.217.146.freenet.com.ua
As one can see, the ip was matched in an rbl (
Self-Answer:
> Oct 16 23:23:27 FILTER_RBL_MATCH ip: 109.251.217.146 rbl: cbl.abuseat.org
> Oct 16 23:23:29 ALLOWED from: aalto.jacksonwv...@douglas.de to: x...@xx.xx
> origin_ip: 109.251.217.146 origin_rdns: 109.251.217.146.freenet.com.ua
Because of an actual spamrun I had an entry for @douglas
Solved:
> > Oct 16 23:23:27 FILTER_RBL_MATCH ip: 109.251.217.146 rbl: cbl.abuseat.org
> > Oct 16 23:23:29 ALLOWED from: aalto.jacksonwv...@douglas.de to: x...@xx.xx
> > origin_ip: 109.251.217.146 origin_rdns: 109.251.217.146.freenet.com.ua
Name was within a whitelist, oh man 8-(
__
> From: "Foo, Joe"
There seems nothing illegal with this. Why should one block those standard
EMail Header ?
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users
> Hello friends, I want to include a segment on my whitelist ip but do
> not know which format to use,
> this is valid?
> 192.168.1.0/20
The format ist valid. The ip/mask ist impossible.. ;-)
ip-whitelist-entry=192.168.1.0/24
___
spamdyke-users mailin
If the connection is not whitelisted - would it be possible that this multiline
From: may be a problem ?
Header-Blacklist-Entry:
From:*>,*<*
Mail-Header:
From: ,
,
,
Only an idea..
___
spamdyke-users mailing list
spamdyke-us
> 74-142-212-17.dhcp.insightbb.com
Simply not all reverse dns hostnames that contain the keyword dhcp are dynamic
ips.
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users
eed some short time to
detect
emitting spam ips it is not worth to create filters that gives you al lot of
false
positives.
Lutz Petersen
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users
> What sort of restriction(s) would you like to see for authenticated
> submissions? You might look into eMPF for these types of needs (policy
> restrictions).
Really simpel: To be safe we in general don't allow clients to access if
the ip is listed at spamhaus sbl-xbl. This had good effects.
> But I was going to post about this too. I also would love the *option* to
> enable filters even if there's authentication.
May be it's simple: spamdyke sits in front of all and does authentification
in your case. Shouldn't it be possible to insert the classic rblsmtpd between
spamdyke and den s
nts=15
And you'll get off those defect hosts..
Lutz Petersen
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Blocking a TLD makes no sense. Usually it should be the best practice simply
using the main blacklists - even if Russians have a bad reputation in public
it's not true that they are spamming more than other countries - some of well
reputated countries in the western hemisphere are much more spamv
I'm irritated about a lot of 'DENIED_OTHER' (no mailbox) or
'HEADER_BLACKLISTED' logfile
messages for IPs that are clearly listed in RBL's.
It seems that the check order should be changed in this way:
- (rdns..)
- rbl
- and _after_ that things like header_blacklist or no_mailbox
Lutz
_
> Aug 10 08:18:38 C2Q_Q9400 spamdyke[64027]: ALLOWED from: (unknown) to:
> [myemailaddress] origin_ip: 5.248.89.179 \
> origin_rdns: 5-248-89-179-broadband.kyivstar.net auth: (unknown)
Simply use the standard Blacklists. This IP (all ..broadband.kyivstar.net)
ist blacklisted by Spamcop, CBL
Sorry - was too fast. Here is what you need to add in your spamdyke.conf:
dns-blacklist-entry=bl.spamcop.net
dns-blacklist-entry=zen.spamhaus.org
dns-blacklist-entry=bl.mailspike.net
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
htt
> Now I'm really puzzled...
Forget this. Simply configure the dns blacklists as posted;
you don't nead any rdns blacklist entries in Spamdyke..
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spa
> I suppose the cleverest thing would be for someone to host an RHSBL based on
> results from the script
Sam - that should be no problem, we could do this.
Data should be an ascii file in rhsbl formt.
Feel free to contact me directly..
___
spamdyke-
Spamdyke Rule in the
Header Blacklist Session:
Subject: *FW_ hi*
Subject: *FW: hi*
Lutz Petersen
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users
link.org
This list is free as the dnswl list.
Lutz Petersen
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users
ls..
If rebooting one of these Servers there are init Scripts that copy 1:1 all
Files, empty Queues and so on from a Master at a Harddisk to the Ramdisk.
Lutz Petersen
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/
We use a Script that contains this (using QMail and Spamdyke):
tail -f */spamdyke |\
sed -u '/^$/d'|\
sed -u '/TIMEOUT/d'|\
sed -u '/RDNS_MISS/d'|\
sed -u '/==$/d'|\
sed -u '/ERROR/d'|\
sed -u '/FILTER/d'|\
sed -u 's/^.*\]: //'|\
We do not (but whish) scan customer mails for Spam. But all Mails are scanned
againt Virus with ClamAV during Customers SMTP Session. This has nearly no
Overhaed.
Because we have customer servers different from those that send out mails to the
internet I thougt to install spamdyke on these - bu
> My list consists of
>
> b.barracudacentral.org
> zen.spamhause.org
Barracuda is not a relevant Blacklist. The most serious in (in this Order) are:
zen.spamhaus.org
bl.spamcop.net
bl.mailspike.net
___
spamdyke-users mailing list
spamdyke-users@
Again - do not use barracudacentral.org !
Instead make this spamdyke.conf Settings:
dns-blacklist-entry=zen.spamhaus.org
dns-blacklist-entry=bl.spamcop.net
dns-blacklist-entry=bl.mailspike.net
rhs-blacklist-entry=dbl.spamhaus.org
reject-empty-rdns
_
> What is wrong with barracuda? You said it isn't "relevant". What
> does that mean?
The barracuda list is not maintained as the other lists.
Beware - ist needs _huge_ manpower to produce good lists. Spamhaus
and Spamcop have worldwide offices working 24/7. Barracuda not;
the only usage of
> Funny, based on my own empirical evidence, Barracuda Central's DNSBL
> yields the best results.
99% of this Hits are false positives:
> 6956 81.35% b.barracudacentral.org
You are talking simply nonsense !
___
spamdyke-users mailing list
spamdyk
> Again - do not use barracudacentral.org !
> Instead make this spamdyke.conf Settings:
> dns-blacklist-entry=zen.spamhaus.org
> dns-blacklist-entry=bl.spamcop.net
> dns-blacklist-entry=bl.mailspike.net
> rhs-blacklist-entry=dbl.spamhaus.org
A good result of the configurations would look like t
Hi,
today we got some astonishing Mails - such Recipients:
*@domain.tld
Does anyone know how to prevent this ?
Lutz Petersen
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users
49 matches
Mail list logo