Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Tips/Tricks/Mods

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #81  
Old 12th March 2011, 18:12
Turbanator Turbanator is offline
Senior Member
 
Join Date: Jun 2008
Posts: 220
Thanks: 23
Thanked 16 Times in 16 Posts
Default

Still major problems, I may need to setup the spamsnake gateway and/or sign up for gmail for business.

but before I do....I setup the spamtrap and tested it using 1 email from my yahoo.com email address. I sent a test email to a valid address and the spamtrap address in the same email (not cc. The email still got through to the valid address.

Can you explain how the trap is supposed to work? And I assume that if spam goes to valid addresses first and the spamtrap last, the trap won't catch anything, yes?
Reply With Quote
Sponsored Links
  #82  
Old 12th March 2011, 18:30
crypted crypted is offline
Senior Member
 
Join Date: Dec 2006
Location: Oklahoma, USA
Posts: 429
Thanks: 3
Thanked 14 Times in 6 Posts
Default

It worked on my old setup. But I see on newer stuff it doesn't work now, as you stated. I will research that.

Are most of these emails you have problems with also used on websites, forums, facebook (publicly viewable), and the like? Is there some way that multiple harvesters keep hitting them?

You could almost ban anything with an image in the body with a body_check.
__________________
ISPC3 on Debian! It's great!
Reply With Quote
  #83  
Old 12th March 2011, 18:35
Turbanator Turbanator is offline
Senior Member
 
Join Date: Jun 2008
Posts: 220
Thanks: 23
Thanked 16 Times in 16 Posts
Default

it seems many aren't even image spam anymore. just simple spam that spamassassin thinks are negative value (so valid emails). I think the spamsnake gateway is my next try.
Reply With Quote
  #84  
Old 12th March 2011, 18:37
crypted crypted is offline
Senior Member
 
Join Date: Dec 2006
Location: Oklahoma, USA
Posts: 429
Thanks: 3
Thanked 14 Times in 6 Posts
Default

When I had negative values, they were still caught by the RBLs. Are you using those too?
__________________
ISPC3 on Debian! It's great!
Reply With Quote
  #85  
Old 12th March 2011, 18:42
Turbanator Turbanator is offline
Senior Member
 
Join Date: Jun 2008
Posts: 220
Thanks: 23
Thanked 16 Times in 16 Posts
Default

yep, I have the same setup as you and same block lists. the spamtrap idea for sure isn't working though.
Reply With Quote
  #86  
Old 12th March 2011, 19:50
crypted crypted is offline
Senior Member
 
Join Date: Dec 2006
Location: Oklahoma, USA
Posts: 429
Thanks: 3
Thanked 14 Times in 6 Posts
Default

Make sure your main.cf has the RBL's I have:
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_unauth_destination, check_policy_service inet:127.0.0.1:60000, reject_rbl_client zen.spamhaus.org, reject_rbl_client dnsbl.sorbs.net, reject_rbl_client bl.spamcop.net, reject_rbl_client combined.rbl.msrbl.net, check_recipient_access regexp:/etc/postfix/spamtrap, permit

One RBL from the original HOWTO is defunct and might cause issues, so if you have an extra, remove it.

About the spam trap, it seems defunct now. Try http://blog.matws.net/post/2008/09/0...-1%3A-Spamtrap steps to do it their way. I'll play with that later today on if I get a chance.
__________________
ISPC3 on Debian! It's great!
Reply With Quote
  #87  
Old 12th March 2011, 19:56
crypted crypted is offline
Senior Member
 
Join Date: Dec 2006
Location: Oklahoma, USA
Posts: 429
Thanks: 3
Thanked 14 Times in 6 Posts
Default

Also, I wonder if there's some limitation where you cannot have more than one check_receipient_address in the main.cf string. I'm inclined to say no, or this ought to be working fine.

ISPC3 using mysql, so it has to have its check_recipient_address field. No way around that.
__________________
ISPC3 on Debian! It's great!
Reply With Quote
  #88  
Old 12th March 2011, 19:59
Turbanator Turbanator is offline
Senior Member
 
Join Date: Jun 2008
Posts: 220
Thanks: 23
Thanked 16 Times in 16 Posts
Default

I had to take out reject_rbl_client dnsbl.sorbs.net due to it causing issues with some valid senders from aol. I added it back in just now. I'll review the other link you sent, thanx.
Reply With Quote
  #89  
Old 30th March 2011, 02:40
Turbanator Turbanator is offline
Senior Member
 
Join Date: Jun 2008
Posts: 220
Thanks: 23
Thanked 16 Times in 16 Posts
Default

What about adding an SPF checker? Any downside?
http://www.webstershome.co.uk/conten...-spf-filtering

and Falko has a howto as well.
http://www.howtoforge.net/postfix_spf

Last edited by Turbanator; 30th March 2011 at 02:45.
Reply With Quote
  #90  
Old 30th March 2011, 03:55
crypted crypted is offline
Senior Member
 
Join Date: Dec 2006
Location: Oklahoma, USA
Posts: 429
Thanks: 3
Thanked 14 Times in 6 Posts
 
Default

Definitely not a downside. The only question will be whether SPF is utilized by domains where spam originates from. As the links discussion suggests, the spoofed email's "host" has to support SPF for it to be viable.

I read some Wikis a while back about SPF not being widely disseminated. That was the only reason I skipped it. If it helps, let me know so I can add it to the HOWTO?...
__________________
ISPC3 on Debian! It's great!
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Spamfilter policy - question about spam actions prisfeo Installation/Configuration 4 2nd February 2010 17:17
Ubuntu 8.04 Spamsnake - all SA scores 0.00 Thomas_Powers HOWTO-Related Questions 23 24th June 2008 18:37
complete spam protection with postfix - howto alexnz Server Operation 1 22nd June 2006 15:06
Howto let procmail move spam to folder? oversight HOWTO-Related Questions 9 1st May 2006 16:39
Webmin docs missing namit Server Operation 11 5th January 2006 10:51


All times are GMT +2. The time now is 04:40.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.