Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 5th October 2008, 16:28
Melchior Melchior is offline
Junior Member
 
Join Date: Jul 2007
Location: Germany, Darmstadt
Posts: 25
Thanks: 5
Thanked 1 Time in 1 Post
Default Help: Outgoing Emails (no dialup) are getting spam-ranked by HELO_DYNAMIC_IPADDR

Hello,
I'm having big troubles. I just get noticed that I've got a spam-problem with my outgoing emails. Hope somebody can help me..

I've got two domains: SAMPLE-A.NET and SAMPLE-B.NET Both are managed by ISPConfig which runs on the same server in a datacenter (web/mail/dns/ftp)

When I'm writing from USER@SAMPLE-A.NET to USER@SAMPLE-B.NET with my mailclient, the incoming mail gets marked as spam.

Code:
Content analysis details:   (6.7 points, 1.0 required)

pts rule name              description
---- ---------------------- --------------------------------------------------
0.5 RCVD_IN_PBL            RBL: Received via a relay in Spamhaus PBL
                           [90.186.xxx.xxx listed in zen.spamhaus.org]
0.3 DNS_FROM_DOB           RBL: Sender from new domain (Day Old Bread)
0.8 RCVD_IN_DOB            RBL: Received via relay in new domain (Day Old Bread)
0.5 FH_HELO_EQ_D_D_D_D     Helo is d-d-d-d
2.9 HELO_DYNAMIC_IPADDR    Relay HELO'd using suspicious hostname (IP addr
                           1)
0.1 RDNS_DYNAMIC           Delivered to trusted network by host with
                           dynamic-looking rDNS
1.4 AWL                    AWL: From: address is in the auto white-list
I've got absolutly no idea what's going wrong. SpamAssisin is thinking that the mail comes directly from DIALUP and not via my Webserver. The server itself has a technical domain TECH-DOMAIN.NET that is mentioned in my postconf (posted it bellow).


Has somebody an idea? I going mad with this mail settings. I thougt I set it right up some month ago

tthhhhhxx!
melchior








MAIN.CF
Code:
myhostname = HOSTNAME.TECH-DOMAIN.NET (this is a sample name!)
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
append_dot_mydomain = no

debug_peer_list = SAMPLE-B.NET
debug_peer_level = 5

# TLS
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtp_use_tls = yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache


mynetworks = 127.0.0.0/8
mydestination = /etc/postfix/local-host-names
mynetworks = all

alias_database = hash:/etc/aliases
relayhost = 

mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
message_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all

smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_local_domain = 
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes

smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
smtpd_tls_auth_only = no
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom

virtual_maps = hash:/etc/postfix/virtusertable
home_mailbox = Maildir/
Reply With Quote
Sponsored Links
  #2  
Old 6th October 2008, 11:05
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 37,001
Thanks: 840
Thanked 5,650 Times in 4,460 Posts
Default

How does the part "HOSTNAME" exactly looks like?
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 6th October 2008, 11:37
Melchior Melchior is offline
Junior Member
 
Join Date: Jul 2007
Location: Germany, Darmstadt
Posts: 25
Thanks: 5
Thanked 1 Time in 1 Post
Default

hi till,

Code:
myhostname = balthasar.saxxxus.net
sacratus.net is my technical domain.

for mx-entries in dns i'm using: 'mail.oxxxxo.de'
I tried to use 'balthasar.saxxxtus.net' but then mail aren't able to be delivered to me.

thx!
melchior

Last edited by Melchior; 6th October 2008 at 16:55.
Reply With Quote
  #4  
Old 6th October 2008, 16:05
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,749 Times in 2,579 Posts
Default

Run
Code:
postconf -e 'smtpd_sasl_authenticated_header = yes'
and restart Postfix.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #5  
Old 7th October 2008, 09:07
Melchior Melchior is offline
Junior Member
 
Join Date: Jul 2007
Location: Germany, Darmstadt
Posts: 25
Thanks: 5
Thanked 1 Time in 1 Post
Default

hi,

I just tested the new config from home (where's no static ip)

The mail is rated again as spam:
(no, vitaminp is no pill selling : )

header
Code:
Date: 	7. Oktober 2008 08:02:05 MESZ
	From: 	mail@vitaminp.org
	Subject: 	***SPAM*** test
	To: 	mailtest@omoo.de
	Received: 	from localhost by balthasar.sacratus.net with SpamAssassin (version 3.2.4); Tue, 07 Oct 2008 08:02:19 +0200
	Message-Id: 	<4B8F7C63-1891-469C-B495-478317BC7D92@vitaminp.org>
	X-Spam-Flag: 	YES
	X-Spam-Checker-Version: 	SpamAssassin 3.2.4 (2008-01-01) on balthasar.sacratus.net
	X-Spam-Level: 	******
	X-Spam-Status: 	Yes, score=6.9 required=1.0 tests=FH_HELO_EQ_D_D_D_D, HELO_DYNAMIC_IPADDR,RCVD_IN_PBL,RDNS_DYNAMIC,TVD_SPACE_RATIO autolearn=no version=3.2.4
	Mime-Version: 	1.0
	Content-Type: 	multipart/mixed; boundary="----------=_48EAFB6B.3C40B86E"
body
Code:
Spam detection software, running on the system "balthasar.sacratus.net", has
identified this incoming email as possible spam.  The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email.  If you have any questions, see
the administrator of that system for details.

Content preview:  test [...] 

Content analysis details:   (6.9 points, 1.0 required)

pts rule name              description
---- ---------------------- --------------------------------------------------
0.5 FH_HELO_EQ_D_D_D_D     Helo is d-d-d-d
2.9 HELO_DYNAMIC_IPADDR    Relay HELO'd using suspicious hostname (IP addr
                           1)
0.5 RCVD_IN_PBL            RBL: Received via a relay in Spamhaus PBL
                           [77.25.140.195 listed in zen.spamhaus.org]
2.9 TVD_SPACE_RATIO        BODY: TVD_SPACE_RATIO
0.1 RDNS_DYNAMIC           Delivered to trusted network by host with
                           dynamic-looking rDNS



From: Marco xxx <mail@vitaminp.org>
Date: 7. Oktober 2008 08:02:05 MESZ
To: Marco Frank <mailtest@omoo.de>
Subject: test

test

test

thx for help!
melchior
Reply With Quote
  #6  
Old 7th October 2008, 18:30
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,749 Times in 2,579 Posts
Default

Is the server hosted on a dynamic IP, or is it in a data center?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #7  
Old 7th October 2008, 19:04
Melchior Melchior is offline
Junior Member
 
Join Date: Jul 2007
Location: Germany, Darmstadt
Posts: 25
Thanks: 5
Thanked 1 Time in 1 Post
Default

hi,

the server is housed in ffm/germany,

when I'm sending from office (static ip) no problem are occuring.
only from home via dialup I get spam ranked,

greetings,
melchior
Reply With Quote
  #8  
Old 8th October 2008, 13:22
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,749 Times in 2,579 Posts
 
Default

According to http://www.gossamer-threads.com/list...in/users/89040 it could be a problem with your reverse record. What's the reverse record for your server's IP?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Ubuntu 8.04 Spamsnake - all SA scores 0.00 Thomas_Powers HOWTO-Related Questions 23 24th June 2008 18:37
Check outgoing mail? spam? spuppy General 2 24th March 2008 17:27
SPAM: whitelisting local domains (safe emails)... lyndros Tips/Tricks/Mods 3 7th October 2007 21:27
Postfix outgoing spam sinjab Server Operation 6 1st September 2007 02:30
Outgoing mail SPAM protection trough phpmail Elfchen Feature Requests 3 10th August 2007 20:55


All times are GMT +2. The time now is 06:50.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.