We have not whitelisted our own Domain. So spamdyke does rejects mails with a forged sender who uses our domain. The log looks like this:
Spamdyke DENIED_RLB_MATCH from: [email protected] to [email protected] origin_ip: 222.253.182.216 origin_rdns. 22.53.182.216.pool.ukrtel.net auth: (unknown) But some get through. And if I would blacklist our domain, who can I sent mail within the domain? Greetings Markus -----Ursprüngliche Nachricht----- Von: [email protected] [mailto:[email protected]] Im Auftrag von David Stiller Gesendet: Freitag, 13. November 2009 08:31 An: spamdyke users Betreff: Re: [spamdyke-users] Spam gets through even if its blacklisted Blacklisting all your local domains should help this. They used your local domain hoping, that you whitelisted them: > From: (c) VIAGRA (tm) Store <[email protected]> So add @kapuziner.org to blacklist. Am 12.11.2009 um 21:47 schrieb Markus Thüer: > Certainly: > > The header after spamdyke: > > Content-Type: message/rfc822; x-spam-type=original > Content-Description: original message before SpamAssassin > Content-Disposition: attachment > Content-Transfer-Encoding: 8bit > > Received: (qmail 12216 invoked from network); 12 Nov 2009 15:55:53 > +0100 > Received: from 87-205-53-218.adsl.inetia.pl (87.205.53.218) > by tabellarius.kapuziner.de with (RC4-MD5 encrypted) SMTP; 12 Nov > 2009 > 15:55:52 +0100 > From: (c) VIAGRA (tm) Store <[email protected]> > To: [email protected] > Subject: Personal 75% OFF to [email protected]. Pfizer. > Content-Type: text/html; charset="utf-8" > MIME-Version: 1.0 > > > After spamassian it looks like this: > > Received: from localhost by tabellarius.kapuziner.de > with SpamAssassin (version 3.2.3); > Thu, 12 Nov 2009 15:55:59 +0100 > From: (c) VIAGRA (tm) Store <[email protected]> > To: [email protected] > Subject: *****SPAM***** Personal 75% OFF to > [email protected]. Pfizer. > X-Spam-Flag: YES > X-Spam-Checker-Version: SpamAssassin 3.2.3 (2007-08-08) on > tabellarius.kapuziner.de > X-Spam-Level: **************************** > X-Spam-Status: Yes, score=28.9 required=7.0 > tests=BAYES_95,FH_HELO_EQ_D_D_D_D, > > HELO_DYNAMIC_HCC,HELO_DYNAMIC_IPADDR2,HTML_IMAGE_ONLY_28,HTML_IMAGE_RA > TIO_02 > , > > HTML_MESSAGE,MIME_HTML_ONLY,MISSING_DATE,MISSING_MID,RCVD_IN_BL_SPAMCO > P_NET, > > RCVD_IN_PBL,RCVD_IN_SORBS_WEB,RCVD_IN_XBL,RDNS_DYNAMIC,URIBL_AB_SURBL, > URIBL_BLACK,URIBL_JP_SURBL,URIBL_WS_SURBL,URI_HEX autolearn=spam > version=3.2.3 > MIME-Version: 1.0 > Content-Type: multipart/mixed; boundary="----------=_4AFC21FF. > 60B4CCD4" > > > > > Eric worte: > > Will you post an example header of an email that passed spamdyke > but was > tagged as spamassassin? That would allow us to help you troubleshoot. > Short of that, we can only speculate. > > Markus Thüer wrote: >> Hi, >> >> >> >> I got an interesting problem. >> >> I am running spamdyke on Plesk (8.04) for 18 Month now and it was >> working very nicely all the time. Since a few weeks a number of spams >> are getting through. But then they are identified and marked by >> spamassasin which is also running with plesk. >> >> But spamdyke is using the same blacklists as spamassasin. So they >> should >> be rejected before they reach spamassasin . >> >> >> >> The first thing I tried, was to update spamdyke for I was working >> with >> 3.1.8 >> >> So now I have the newest version but the behavior is still the same. >> >> >> >> I am not really an expert, but still I have to manage a server >> with 400 >> accounts and quite a bit of traffic. >> >> >> >> So if you could give me a hint where to look and how to find out why >> these mails are getting through I would be happy. >> >> >> >> Here my configuration: >> >> >> >> max-recipients=20 >> >> reject-empty-rdns >> >> reject-ip-in-cc-rdns >> >> reject-missing-sender-mx >> >> reject-unresolvable-rdns >> >> dns-blacklist-entry=zen.spamhaus.org >> >> dns-blacklist-entry=multi.uribl.com >> >> dns-blacklist-entry=bl.spamcop.net >> >> graylist-level=always >> >> graylist-dir=/var/qmail/spamdyke/greylist >> >> graylist-max-secs=1814400 >> >> graylist-min-secs=300 >> >> local-domains-file=/var/qmail/control/rcpthosts >> >> >> >> >> >> many thanks >> >> >> >> Markus >> >> >> >> >> >> >> --------------------------------------------------------------------- >> --- >> >> _______________________________________________ >> spamdyke-users mailing list >> [email protected] >> http://www.spamdyke.org/mailman/listinfo/spamdyke-users > > > -- > -Eric 'shubes' > > _______________________________________________ > spamdyke-users mailing list > [email protected] > http://www.spamdyke.org/mailman/listinfo/spamdyke-users > > _______________________________________________ > spamdyke-users mailing list > [email protected] > http://www.spamdyke.org/mailman/listinfo/spamdyke-users David Stiller Technischer Support Neues von Blackbit: aktuelle Projekte und Wissenswertes aus unserer Werbeagentur unter http://www.blackbit.de/tagebuch Blackbit neue Medien GmbH Ernst-Ruhstrat-Straße 6 - D-37079 Göttingen Tel.: +49-551-50675-60 - Fax: +49-551-50675-20 E-Mail: [email protected] Hotline: [email protected] Amtsgericht Göttingen: HRB 3222 USt-IdNr.: DE 813114917 Geschäftsführer: Herr Stefano Viani _______________________________________________ spamdyke-users mailing list [email protected] http://www.spamdyke.org/mailman/listinfo/spamdyke-users
