bgware: mailfront / qmail-qfilter / vmailmgr "spring'08 cleanup" required...


Previous by date: 5 May 2008 21:56:52 -0000 issues because of forwarded mails : "550 Too many errors from your IP", Olivier Mueller
Next by date: 5 May 2008 21:56:52 -0000 Re: mailfront / qmail-qfilter / vmailmgr "spring'08 cleanup" required..., Trevor Astrope
Previous in thread:
Next in thread: 5 May 2008 21:56:52 -0000 Re: mailfront / qmail-qfilter / vmailmgr "spring'08 cleanup" required..., Trevor Astrope

Subject: mailfront / qmail-qfilter / vmailmgr "spring'08 cleanup" required...
From: Olivier Mueller ####@####.####
Date: 5 May 2008 21:56:52 -0000
Message-Id: <1210024604.9013.92.camel@bigapple.omnis.ch>

Hello,

Since a few years, I've been using this basic qmail-smtpd / cvm
validation setup on some servers based on qmail + vmailmgr:
http://qmail.omnis.ch/om/current_setup_20080505/
Then I added some basic antispam stuff (ospam, based on .qmail files),
and everything was fine. 

But now since a few weeks/months, it seems it is not enough anymore
(cf. my mail with subject 'issues because of forwarded mails : "550 Too
many errors from your IP"') : even without local problems
(scripts/customers sending spams), servers are getting blacklisted from
time to time, and I would like to prevent that...

Now, I'm thinking about adding:
- spam check on smtp level as well (to prevent problems with spams
  sent to local users with forwarding addresses), and reporting status
  like this mail server for example (not just "message refused"): 

@40000000481f7eaf0a90cfa4 starting delivery 10823: msg 940105 to remote
####@####.####
@40000000481f7eaf0a90e32c status: local 12/100 remote 2/120
@40000000481f7eb81ef77f74 delivery 10823: failure:
213.160.40.17_failed_after_I_sent_the_message./Remote_host_said:_554_5.7.1_Spamassassin-Score:_18.1
01_>=_7_:_Content_indicates_spam:_BAYES_50,DCC_CHECK,DIGEST_MULTIPLE,DNS_FROM_RFC_DSN,GIF_IMAGE_EXTRA_3,HTML_MESSAGE,IMPPYZOR_CHECK,LONGWORD,MIME_HTML
_ONLY,RAZOR2_CF_RANGE_51_100,RAZOR2_CF_RANGE_E4_51_100,RAZOR2_CHECK,RBL_COMBO_A_2,RBL_COMBO_PS_2,RCVD_IN_CBL_SPAM,RCVD_IN_UCE_SPAM,SPAMPIC_SUSPECT,SPA
MTRAP_COMBO_2,TDE_RO_BV_GRATIS,TDE_WS_BV_PREIS1/
@40000000481f7eb81ef7a684 status: local 3/100 remote 3/120
@40000000481f7eb8309412c4 bounce msg 940105 qp 25730

- greylisting in some cases  (spamdyke looks promising?)
- better use of rbl's (with possibility for the users to turn this
  on/off depending on the user preferences)
- stuff to detect expired mail forwarders (the one from Jeremy is good,
  but maybe "too" strong for sensitive servers, for example with a
  server sending a 554 like the one a few lines up)

So I just would like to know: how are you handling all that on your
servers?  If you have some sample setup / scripts, that would be
nice... :)   And it shouldn't if possible be based on qmail patches
(beside QMAILQUEUE).  I spent a moment browsing & searching for
solutions this afternoon, but all I could find were old / outdated
scripts, and I'd be glad not having to reinvent the wheel again.  The
solution may also cost a little bit if really necessary...

Thanks & regards from Z├╝rich,
Olivier


Previous by date: 5 May 2008 21:56:52 -0000 issues because of forwarded mails : "550 Too many errors from your IP", Olivier Mueller
Next by date: 5 May 2008 21:56:52 -0000 Re: mailfront / qmail-qfilter / vmailmgr "spring'08 cleanup" required..., Trevor Astrope
Previous in thread:
Next in thread: 5 May 2008 21:56:52 -0000 Re: mailfront / qmail-qfilter / vmailmgr "spring'08 cleanup" required..., Trevor Astrope


Powered by ezmlm-browse 0.21.