Problem with Breaking ISPC

Discussion in 'Installation/Configuration' started by Morons, Mar 19, 2007.

  1. Morons

    Morons New Member

    HI, I have followed the installation of various RBL's in main.cf documented else ware in this forum, only to realise later that we are breaking ISPC! ISPC uses procmail filter to do spam/av control along with a multitude other functions.
    Spamassasin come default with an HUGE arsenal of ready set-up config files witch seem to be not included by ISPC such as can be found in
    /home/admispconfig/ispconfig/tools/spamassassin/usr/share/spamassassin/ directory. these include 20_dnsbl_tests.cf, 20_drugs.cf, 20_porn.cf, 25_spf.cf and many many more.
    By enabling functions like rbl lists in main.cf rather than in the control of spamassasin breaks the ISPC system in various ways
    1. It does not get added to the "score".
    2. It is system wide instead of per-user.
    3. It therefore bypasses the blacklists and more important the whitelists!
    Is there any way to include these in ISPC without editing the forms and mySQL tables to include the fields, and thus also the /root/ispconfig/scripts/lib/classes/ispconfig_procmail.lib.php code to rectify this?:cool:
    My /etc/postfix/main.cf contains:
    Code:
    invalid_hostname_reject_code = 554
    multi_recipient_bounce_reject_code = 554
    non_fqdn_reject_code = 554
    relay_domains_reject_code = 554
    unknown_address_reject_code = 554
    unknown_client_reject_code = 554
    unknown_hostname_reject_code = 554
    unknown_local_recipient_reject_code = 554
    unknown_relay_recipient_reject_code = 554
    unknown_sender_reject_code = 554
    unknown_virtual_alias_reject_code = 554
    unknown_virtual_mailbox_reject_code = 554
    unverified_recipient_reject_code = 554
    unverified_sender_reject_code = 554
    
    smtpd_recipient_restrictions =
                reject_invalid_hostname,
                reject_unknown_recipient_domain,
                reject_unauth_pipelining,
                permit_mynetworks,
                permit_sasl_authenticated,
                reject_unauth_destination,
                reject_rbl_client multi.uribl.com,
                reject_rbl_client dsn.rfc-ignorant.org,
                reject_rbl_client list.dsbl.org,
                reject_rbl_client sbl-xbl.spamhaus.org,
                reject_rbl_client bl.spamcop.net,
                reject_rbl_client opm.blitzed.org,
                reject_rbl_client blackholes.easynet.nl,
                reject_rbl_client cbl.abuseat.org,
                reject_rbl_client dul.dnsbl.sorbs.net,
                reject_rbl_client dnsbl.sorbs.net,
                permit
    The last two rbl's include servers from one of the local ISP's and that ISP is to *%(&$&(^% to fix this or get rid of the offenders, but clients insist in still receiving mail from them as it is one of the local large ISP's. If I now add that server to the whitelists they are ignored as this check is not done in the controlled environment of the procmail environment!
    The issue comes when we edit /root/ispconfig/scripts/lib/classes/ispconfig_procmail.lib.php or any other ISPC code is that we need to re-do it after each upgrade and or patch, yet some of these checks like porn, drugs would be nessesary for some servers!
     
    Last edited: Mar 19, 2007
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Why did you not add it to the individual user preferences file that ISPConfig uses for spamassassin. The master template is /root/ispconfig/isp/conf/user_prefs.master
     
  3. Morons

    Morons New Member

    Plainly because the /root/ispconfig/isp/conf/user_prefs.master file confuses me, you seem to have some variabbles in there and my guess is that they are "macro replaced" by the php app these are the variables / constants you have in {} brackets.
    Is there an include statement to use or can you perhaps post me an sample dnsbl entry?
     
  4. brengo

    brengo New Member

    Just a quick FYI: opm.blitzed.org is dead - don't use it anymore (have a look at their wiki if you don't believe me :).
     
  5. Morons

    Morons New Member

    RBL'S come and go!

    Ah yes, thank you, I already had to change some of them because they change fast. Seems there is no money in RBL listing and they probably have lots of traffic bills to pay!
    Here today gone tomorrow.:mad:
     

Share This Page