Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > General

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 1st November 2006, 10:22
iovo iovo is offline
Junior Member
 
Join Date: Oct 2006
Posts: 29
Thanks: 1
Thanked 0 Times in 0 Posts
Question Global SPAM Blacklist and Whitelist

Hello,
How can i set global SPAM Blacklist and Whitelist for all e-mail user?

Thanks
Reply With Quote
Sponsored Links
  #2  
Old 2nd November 2006, 14:20
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,711
Thanks: 1,899
Thanked 2,702 Times in 2,545 Posts
Default

You can set this in SpamAssassin's global configuration file /home/admispconfig/ispconfig/tools/spamassassin/etc/mail/spamassassin/local.cf.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #3  
Old 23rd April 2007, 11:49
AlArenal AlArenal is offline
Senior Member
 
Join Date: Feb 2007
Location: Germany
Posts: 104
Thanks: 1
Thanked 5 Times in 5 Posts
Default

We are currently running into problems with some of our customers, because mail from addresses hosted on the same box gets incorrectly classified as spam. This morning we had an issue with mail from one person sending an email to another person (same domain) getting classified as spam (score of 5.7-5.9 mostly coming from SORBS (2.0) and NJABL (1.7)).

I turned RBL off in the global config file and now the customer receives viagra mails...

I understand that you cannot have a spam filter with a 100% correct hits, but there has to be a way to automatically add all domains / email addresses hosted on my box to a global whitelist.

I cannot find such a feature. Would it be easy to write a plugin for ISPConfig to do that? Is such a feature planned for ISPC 3?
Reply With Quote
  #4  
Old 24th April 2007, 18:27
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,711
Thanks: 1,899
Thanked 2,702 Times in 2,545 Posts
Default

You can use the whitelist feature on the User & Email tab of each web site.
Have you checked if your server got blacklisted? http://www.mxtoolbox.com/blacklists.aspx
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #5  
Old 24th April 2007, 21:39
AlArenal AlArenal is offline
Senior Member
 
Join Date: Feb 2007
Location: Germany
Posts: 104
Thanks: 1
Thanked 5 Times in 5 Posts
Default

All 6 IP addresses of the server are listed clean.

I know about ISPC's whitelist feature, but using it in this case would mean endless work. Take this scenario as an example:

- the server hosts 20 webs/domains
- a new web/domain gets added
- I'd have to manually add the 20 old domains to the new web's whitelist and add the new domain(s) to the old webs' whitelists

Easy to imagine that noone would ever want to take such a burden.
Reply With Quote
  #6  
Old 25th April 2007, 10:35
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 34,573
Thanks: 792
Thanked 4,980 Times in 3,901 Posts
Default

Your problem is not really ISPConfig related as we have not written our own spamfilter, ISPConfig uses spamassassin. If spamassassin or in your case the sorbs and njabl lists score a message wrong, we can not change that.

Adding all email addresses or local domains to a whitelist will open up your server to spam too, as spam senders use faked email addresses to send emails which might belong to your server too.

If you want to add all domains to a whitelist automatically, you will have to write such a feature. ISPConfig 3 useses amavis + spamassassin where a global whitelist might be easier to implement.

I recommend you to see why you are listed on sorbs instead and to remove your server from the blacklists.

Quote:
All 6 IP addresses of the server are listed clean.
But why is Sorbs and njabl reporting your mail as spam then? You should check the hostname of your mailserver too or the blacklisting of your server expired already.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #7  
Old 25th April 2007, 10:49
AlArenal AlArenal is offline
Senior Member
 
Join Date: Feb 2007
Location: Germany
Posts: 104
Thanks: 1
Thanked 5 Times in 5 Posts
Default

I understand what you mean by saying this problem is not clearly ISPC related. I though a global whitelist would be a solution and after reading your post it seems I'm wrong as I understand your point with faked email addresses.

The mails that got forwarded to me for further education told me this:
2.0 RCVD_IN_SORBS_DUL RBL: SORBS: sent directly from dynamic IP
address
[87.161.223.122 listed in dnsbl.sorbs.net]
1.7 RCVD_IN_NJABL_DUL RBL: NJABL: dialup sender did non-local SMTP
[87.161.223.122 listed in combined.njabl.org]

Obviously I cannot force our customers to get themselves a static ip address My first guess is, that there has to be a way to say: "This mail got sent through SMTP on this machine and therefore it can be trusted (unless my SMTP is not secure, but then I am in admin hell anyway) regardless from which IP it got sent."

I concede this all may have to do with the fact I never before had to deal closely with spamassassin and therefore I am lacking some fundamental knowledge of its configuration. Consider me your apprentice
Reply With Quote
  #8  
Old 25th April 2007, 10:57
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 34,573
Thanks: 792
Thanked 4,980 Times in 3,901 Posts
Default

I'am using also a dynamic IP on my workstation as most poeple with a "normal" DSL account.

Please check how your customers ends this mail, I'am pretty sure that he did not use your mailserver as smtp server in his mail client. I guess he runs a local mailserver at home or in office that sends the emails directly by smtp and did not use your server as mail relay. Please ask your customer which exact mailsetup he uses.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #9  
Old 26th April 2007, 13:02
AlArenal AlArenal is offline
Senior Member
 
Join Date: Feb 2007
Location: Germany
Posts: 104
Thanks: 1
Thanked 5 Times in 5 Posts
Default

Things tunred out to be a bit more complicated than I thought (they have this tendency, haven't they?). Our customer has got two domains (A, B). Both originally pointed to their old account hosted by another provider. Their 70-something mail addresses were all of the form xyz@A .

What we did was directing domain B to to our server. After creating all mail addresses with ISPC we changed the clients's configs as well as we let the old mail boxes (by the other hoster) be redirected to our server.

Beginning at that time they fetched their mail from our mail boxes and used our server as SMTP. Their mail addresses in their clients did not change and were still of the form xyz@A . Domain A still pointed to the other hoster, but I also added A as co-domain for web B on our server.

It was just yesterday late afternoon when domain A finally got freed by the other provider and reconnected, so that it now points to our server, too.

Maybe SA got as confused as I think that you must currently be

I'm gonna change SA's config back, re-enabling the rbl stuff this evening. We'll see what happens...

If that makes things easier for you as it will surely do for me ( ; ), I may better write you an email in German...
Reply With Quote
  #10  
Old 26th April 2007, 22:11
PoleCat PoleCat is offline
Member
 
Join Date: Mar 2007
Posts: 57
Thanks: 6
Thanked 3 Times in 3 Posts
 
Default

Quote:
Originally Posted by till
ISPConfig 3 useses amavis + spamassassin where a global whitelist might be easier to implement.
Why the addition of AMaViS?
Will it be a ClamAV + AMaViS + Spamassassin + Postfix solution?
What is the benefits of adding AMaViS?
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Whitelist / Blacklist themachine Feature Requests 1 19th January 2006 06:49


All times are GMT +2. The time now is 22:26.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.