You are correct -- authenticated connections should bypass graylisting
and all other filters. If that isn't working, your users should be
reporting lots of problems, because their MUAs (e.g. Outlook,
Thunderbird) won't be able to deliver email to your server -- they'll
get the graylist rejection message.
First, I would recommend several changes to your configuration. You're
correct that you can remove rblsmtpd and allow spamdyke to check
blacklists. This is a better solution because spamdyke will not check
blacklists for authenticated users (once we fix your authentication
problem, that is). So you should add the following lines to your
spamdyke.conf file:
check-dnsrbl=list.dsbl.org
check-dnsrbl=dnsbl.njabl.org
check-dnsrbl=bl.spamcop.net
Changes to spamdyke.conf will take effect as soon as you save the file.
Also, I seem to recall that spamdyke and relaylock don't get along
perfectly well; spamdyke does better when it runs before relaylock (I
can't find my notes on this to explain why). Once you remove rblsmtpd
and move relaylock around, your smtp_psa file should look like this:
service smtp
{
socket_type = stream
protocol = tcp
wait = no
disable = no
user = root
instances = UNLIMITED
server = /var/qmail/bin/tcp-env
server_args = -Rt0 /usr/local/bin/spamdyke -f /etc/spamdyke.conf
/var/qmail/bin/relaylock /var/qmail/bin/qmail-smtpd
/var/qmail/bin/smtp_auth /var/qmail/bin/true /var/qmail/bin/cmd5checkpw
/var/qmail/bin/true
}
To force xinetd to reload its configuration, use this command:
killall -HUP xinetd
If those changes don't fix the problem, there are several things you can
do to troubleshoot it. The fastest way is to look at the maillog file
(Plesk moves it to /usr/local/psa/var/log/maillog). Look for spamdyke
log entries that start with "DENIED_GRAYLISTED" and also show a username
after "auth:" at the end of the line. If you find any, that means
spamdyke saw the authorization but still performed graylisting. That
would be a bug, so I'll need your help to fix it.
Next, look for spamdyke log entries that start with "DENIED_GRAYLISTED"
and end with "auth: (unknown)". If the "to:" and "from:" indicate the
messages are from your users to remote addresses, they probably should
have authenticated and bypassed graylisting. If the graylist filter
blocked them anyway, there might be a bug in spamdyke that isn't
allowing it to snoop on the qmail authentication. If you could turn on
full logging (with "full-log-dir") and send me the log of a connection
that authenticated but was graylisted anyway, I would appreciate it.
-- Sam Clippinger
Markus Thüer wrote:
>
> Hi,
>
> I am new to this list, and first I want to say thank you for spamdyke.
>
> I installed it recently on a Plesk 8.3 System for greylisting and it
> works fine.
>
> But I have problems with the authentification. I read the archive but
> I am still a bit confused and I am new to server administration. So
> please forgive me if I ask “silly” questions.
>
> I noticed that even mail accounts of my own domain were greylisted.
> After they are authentificated they should bypass spamdyke. Shouldn’t
> they?
>
> I read that from spamdyke 3.0.0 I don’t have to use the
> authentifcation in spamdyke because the authtentification of qmail is
> honored.
>
> So how do I get this working ?
>
> I am also using the blackhole daemon provided by plesk. Would it be
> better to use spamdyke for this?
>
> I don’t dare to simply try things out on the server, for it is a live
> system with more than 400 e-mail accounts and I will (probably) be
> killed if it should stop working.
>
> So I want to be quite confident before I start to try anything. So
> please boost my confidence by giving me some hints how it should work.
>
> This is my spamdyke.conf:
>
> log-level=2
>
> local-domains-file=/var/qmail/control/rcpthosts
>
> max-recipients=15
>
> idle-timeout-secs=60
>
> graylist-dir=/var/qmail/spamdyke/greylist
>
> graylist-min-secs=300
>
> graylist-max-secs=4814400
>
> #policy-url=http:/www.kapuziner.org/greylisting.html
>
> #sender-blacklist-file=/var/qmail/spamdyke/blacklist_senders
>
> #recipient-blacklist-file=/var/qmail/spamdyke/blacklist_recipients
>
> #ip-in-rdns-keyword-file=/var/qmail/spamdyke/blacklist_keywords
>
> #ip-blacklist-file=/var/qmail/spamdyke/blacklist_ip
>
> #rdns-blacklist-dir=/var/qmail/spamdyke/blacklist_rdns.d
>
> #rdns-whitelist-file=/var/qmail/spamdyke/whitelist_rdns
>
> #ip-whitelist-file=/var/qmail/spamdyke/whitelist_ip
>
> #greeting-delay-secs=5
>
> #check-dnsrbl=ix.dnsbl.manitu.net
>
> #check-dnsrbl=zen.spamhaus.org
>
> #check-dnsrbl=list.dsbl.org
>
> #check-dnsrbl=zombie.dnsbl.sorbs.net
>
> #check-dnsrbl=dul.dnsbl.sorbs.net
>
> #check-dnsrbl=bogons.cymru.com
>
> #reject-missing-sender-mx
>
> #reject-empty-rdns
>
> #reject-unresolvable-rdns
>
> #reject-ip-in-cc-rdns
>
> ls-certificate-file=/var/qmail/control/servercert.pem
>
> local-domains-file=/var/qmail/control/rcpthosts
>
> And this the smtp_psa file for xinetd.d:
>
> service smtp
>
> {
>
> socket_type = stream
>
> protocol = tcp
>
> wait = no
>
> disable = no
>
> user = root
>
> instances = UNLIMITED
>
> server = /var/qmail/bin/tcp-env
>
> server_args = -Rt0 /usr/sbin/rblsmtpd -r list.dsbl.org -r
> dnsbl.njabl.org -r bl.spamcop.net /var/qmail/bin/
>
> relaylock /usr/local/bin/spamdyke -f /etc/spamdyke.conf
> /var/qmail/bin/qmail-smtpd /var/qmail/bin/smtp_auth /var/qmail/b
>
> in/true /var/qmail/bin/cmd5checkpw /var/qmail/bin/true
>
> }
>
> Thanks for any help.
>
> minorum
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> spamdyke-users mailing list
> [email protected]
> http://www.spamdyke.org/mailman/listinfo/spamdyke-users
>
_______________________________________________
spamdyke-users mailing list
[email protected]
http://www.spamdyke.org/mailman/listinfo/spamdyke-users
