Results 1 to 9 of 9
  1. #1
    Join Date
    Nov 2001
    Location
    Lima, Peru
    Posts
    84

    RBL Blocking My Clients

    Hi, I run a Plesk 7.0.5 server, qmail is the MTA.

    SpamAssassin is killing my server and I would like to use RBL's and MAPS, however when I used SpamCop or SpamHaus in the past some of my clients had problems sending emails.

    The thing is that the main provider of ADSL in my country, where I have many clients, has many IP's listed by SpamHaus, these are dynamic IP's assigned per each ADSL connection so one of my valid clients could be using an IP that was blocked because a spammer used that IP some days ago.

    Is there any way I can change smtp_psa so I still use RBL but whitelist IP ranges for these ADSL users in my country?

    Plesk uses xinetd to manage the qmail smtp part.

    Regards!

  2. #2
    Join Date
    Dec 2004
    Location
    New York City, NY, USA
    Posts
    735
    The simple solution: use a different set of RBLs. On my mail servers I use:

    relays.ordb.org
    list.dsbl.org
    sbl-xbl.spamhaus.org

  3. #3
    Join Date
    Nov 2001
    Location
    Lima, Peru
    Posts
    84
    Hi, I am currently using relays.ordb.org and bl.spamcop.net.

    I would like to use sbl-xbl.spamhaus.org too because it catches lots of spam as far as I know but they also catch valid ADSL users in my country (because of the dynamic IP's).

    How does using different RBLs would help? Do you mean that if some IP is blocked by, for example, spamcop and spamhaus, but it's not blocked by relays.ordb.org then it can pass?

    Or the IP just needs to be listed in one RBL to be discarded?

    Thank you very much.

  4. #4

    smtp_psa + rbl whitelist

    Hi,

    Is your smtp_psa looks something like this?

    --------------
    server_args = /usr/sbin/rblsmtpd -r sbl-xbl.spamhaus.org -r bl.spamcop.net /var/qmail/bin/relaylock /var/qmail/bin/qmail-smtpd /var/qmail/bin/smtp_auth /var/qmail/bin/true /var/qmail/bin/cmd5checkpw /var/qmail/bin/true
    --------------

    What you can do is setup whitelist.xxxxx.com on your local dns, and add them to your smtp_psa

    --------------
    server_args = /usr/sbin/rblsmtpd -a whitelist.xxxxx.com -r sbl-xbl.spamhaus.org -r bl.spamcop.net /var/qmail/bin/relaylock /var/qmail/bin/qmail-smtpd /var/qmail/bin/smtp_auth /var/qmail/bin/true /var/qmail/bin/cmd5checkpw /var/qmail/bin/true
    --------------

    Thank you,
    Malaysia Hosting :: ipserverone.com

  5. #5
    Join Date
    Nov 2001
    Location
    Lima, Peru
    Posts
    84
    Thanks a lot, that's exactly what I was looking for, however after reading http://cr.yp.to/ucspi-tcp/rblsmtpd.html I still don't know how to setup whitelist.xxxxx.com.

    Is whitelist.xxxxx.com a text file with some special format or just a list of IP addresses?

    The manual states:

    Options:

    * -r base: Use base as an RBL source. An IP address a.b.c.d is listed by that source if d.c.b.a.base has a TXT record. rblsmtpd uses the contents of the TXT record as an error message for the client.
    * -a base: Use base as an anti-RBL source. An IP address a.b.c.d is anti-listed by that source if d.c.b.a.base has an A record. In this case rblsmtpd does not block mail.
    Thank you very much for your help.

  6. #6
    Hi,

    This is a sample from my configuration. where it will exclude the ip ranged from
    219.94.x.x and 219.95.x.x



    in your named.conf
    =================================
    zone "whitelist.ipserverone.com" {
    type master;
    file "/var/named/whitelist.ipserverone.com.hosts";
    };
    =================================


    in your whitelist.ipserverone.com.hosts
    =================================
    $ttl 900
    whitelist.ipserverone.com. IN SOA ns1.ipserverone.com. dnsadmin.ipserverone.com. (
    1081600301
    10800
    3600
    1800
    900 )
    whitelist.ipserverone.com. IN NS ns1.ipserverone.com.
    whitelist.ipserverone.com. IN A 127.0.0.1
    *.94.219.whitelist.ipserverone.com. IN A 127.0.0.3
    *.95.219.whitelist.ipserverone.com. IN A 127.0.0.3
    =================================

    Thanks
    Malaysia Hosting :: ipserverone.com

  7. #7
    Join Date
    Jan 2004
    Location
    Boise, ID
    Posts
    2,449
    For one, when using Plesk you DO NOT edit configuration files manually unless you want to do it again everytime any 1/2 way major change happens.

    You can set the whitelist inside Plesk.

    Now for 2. Why is Spamassasin killing your server?

    3. Why are you running a version of plesk that is about 15 releases behind also? Your problems with spamassasin are probably due to lack of upgrading for bug corrections that have taken place and improvements with the integrated spamassassin.

  8. #8
    Join Date
    Nov 2001
    Location
    Lima, Peru
    Posts
    84
    Hi, thank you for your help.

    Cllee: Thanks a lot, I will try to implement this, I guess that whitelist.ipserverone.com should be replaced by something like whitelist.my-realdomain.com right?

    Also, why the use of 127.0.0.3 and not the "common" local 127.0.0.1 in the last two lines?

    Larry: I made a typo in my original post, I'm running Plesk 7.5.1.

    You can set the whitelist inside Plesk
    Is this the whitelist in Server > Mail > Whitelist? Is this run before the messages get to the mail server and performs the same function as the solution suggested by Cllee?

    I am aware Plesk could make changes to what I edit, in Apache you can use some predefined include files to include your changes, how could I get this done with bind?

    Spamassassin was killing my server for several reason:

    1. Using a P4 Celeron / IDE class server with too many domains on it, I have moved some domains to one of my other servers with much power and intented to completely migrate as soon as possible, you know how boring is moving lots of domains from server to server.

    2. Using too many custom rules (including the now obsolte bigevil.cf)

    3. A couple of spammers inside my server sendings lots of messages and getting lots of bounces (and getting us listed in SpamCop for 24 hours, gosh I hate spammers), whose accounts I already cancelled.

    4. A client selling lots emails with attachments (500Kb) to lots of non existent addresses, spamassassin was processing each one of the bounces.

    Well, I have fine tuned most of my mail system now but still will be moving to more powerful hardware and soon as I can.

    Thanks a lot for your comment guys.

  9. #9
    Hi, you got to change the whitelist.ipserverone.com to something else.

    127.0.0.2 - for blacklisted host
    127.0.0.3 - for whitelisted host

    See here for more information.

    ladro . com / docs /dns / rblsmtpd.html

    Thanks
    Malaysia Hosting :: ipserverone.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •