Trend Micro RBL - ISPconfig 2 problem

Discussion in 'General' started by dolmax, Jan 4, 2011.

  1. dolmax

    dolmax New Member

    I have been using ISPconfig 2 on one of my older servers. I have received some complaints from the users on that server, for messages being rejected by Trend Micro RBL based servers, tagged as spam.

    I have checked their RBL and found out that the mail server IP address is on their list. I have requested de-listing based on the following facts;
    - the server has a dedicated IP address, is not NAT'ing and is not sharing Internet connection with another device.
    - I have static IP address and related PTR records on the ISP side.

    Trend personel has contacted me saying that my mail server is "mis-configured". Below is the actual message from Trend;

    We first started to see spam from 78.X.Y.Z 16 March 2009, and this has
    continued through 2011.
    Based on the spam on file, your mail server is misconfigured - but please read on.
    Currently, you accept mail for domains (including, then later
    attempt to deliver it to local users.  If you can not (mailbox full, user
    unknown, administratively prohibited, etc - for example, [email protected]),
    you create a NDR, append the original mail, and forward the result to the
    From: address in the original mail.
    Unfortunately, virtually all spam uses forged From: information, so these
    NDR's end up going to innocent third parties.  Please properly configure your
    mail server to reject undeliverable mail during the incoming SMTP session, via
    a 5xx status respons to an undeliverable RCPT TO command.
    I'll send an example header in the following mail.  If you do not get the
    message within 300 seconds of this one, you are using a content-based spam
    filter - please disable it.
    Once you have properly configured your mail server, and secured the spam,
    please let me know the details of what you did, and exactly when you did it.
    Need help.

  2. till

    till Super Moderator Staff Member ISPConfig Developer

    As far as I know, the default ispconfig 2 setup (perfect setup guide) does not send anything back when a email is detected as spam. Spams are either tagged in the subject or deleted, but they get never bounced. Have you added or reconfigured something in the spam scanning part?

    As ISPConfig 2 uses a setup based on linux systm users, it acceps by default email for system users. If you want to limit email to users that are creatd in ispconfig only and you use postfix as mta, then you should set the email mode from sendmail to postfix in the file and then edit a email user and save the changes in ispconfig to get your system configuration rewritten.
    Last edited: Jan 4, 2011
  3. dolmax

    dolmax New Member

    I have installed the server using the How2Forge howto document without further modifications. No configuration related changes. This is the only ISPconfig 2 server that I get spam reports for.

    I'll check the sendmail/postfix key.

  4. falko

    falko Super Moderator ISPConfig Developer

    Do you have SPF records for your domains?
  5. dolmax

    dolmax New Member

    Yes I have SPF record for that domain.

Share This Page