Page 1 of 2 12 LastLast
Results 1 to 10 of 18
  1. #1
    Junior Member
    Join Date
    Sep 2003
    Posts
    20

    Default RBL Filter before forwarding E-mail?

    I have to forward e-mail from a Westhost account to another e-mail address that uses RBL to block SPAM. The RBL on my other account completely stops SPAM, but everything sent to my Westhost account comes through unmolested (because it's sent by Westhost, not someone on the RBL).

    Is there an easy way to implement an RBL before forwarding e-mail? I found this post...

    I added features to sendmail.mc then ran it. Sure enough they were added to sendmail.cf.

    FEATURE(dnsbl, `sbl.spamhaus.org',`"550 Mail from " $&{client_addr} " refused. Rejected AS SPAM, for more information see http://www.spamhaus.org/SBL/"')

    FEATURE(`dnsbl', `relays.ordb.org', `"550 Email rejected due to sending server misconfiguration - see http://www.ordb.org/faq/\#why_rejected"')dnl

    Apparently there is more than just one way of killing spam.
    at: http://forums.westhost.com/phpBB2/viewtopic.php?t=1423

    but I'm new to Unix and don't know what I need to do to 'run it' to make this work. Is there an explicit set of directions someplace. I've heard that SendMail is easy to mess up.

    Thanks in advance!

  2. #2
    Senior Member FZ's Avatar
    Join Date
    May 2003
    Location
    Johannesburg, South Africa
    Posts
    1,024

    Default

    Hi rufus,

    I've tried the method in that post myself to get RBL, but it did not work for me. Yes, Sendmail can be messed up pretty easily, so I wouldn't recommend touching that. HOWEVER, there is another method you can use: you can enable SpamAssassin on your WestHost account, and enable RBL's in SpamAssassin itself. In that case, then, you'd need to make the forwarding alias a "proper POP3" with a home directory, and then use Procmail to forward anything that is not marked as spam, or any e-mail that does not contain SpamAssassin's RBL tests (as positive).

    This shouldn't be too difficult to do, so if you'd like to give it a go, let me know.

    Alternatively if you want to give the Sendmail version a go, just follow the instructions on that post exactly, but first make a backup of the files you modify/replace. If it doesn't work out, just restore your backup copies.

    Good luck!
    Fayez Zaheer

  3. #3
    Junior Member
    Join Date
    Sep 2003
    Posts
    20

    Default

    Thanks! I don't mind juryrigged fixes if they work. It would be nice if Westhost provided a script that you could run to enable RBL in Sendmail, but it doesn't sound like they do and I don't want to mess up my account.

    If you can tell me how to forward SpamAssassin filtered e-mail from a Westhost POP3 account using Procmail, I'd be very much obliged.

    From previous posts, it sounds like I need to upgrade SpamAssassin too (using directions found in http://codeworks.gnomedia.com/westhost/perl.php)? Is there anything about this that I should be aware of?

    Again, all suggestions/comments are welcome.

  4. #4
    Senior Member FZ's Avatar
    Join Date
    May 2003
    Location
    Johannesburg, South Africa
    Posts
    1,024

    Default

    Yeah, it would be excellent if WestHost took seriously the problem with Spam and provided certain measures (Sendmail RBL included) for us to implement.

    You do NOT need to install the latest version of SpamAssassin for this (however, if you want the best Spam filtering, you should). The WestHost provided version will do. Just install that via your control panel.

    Next, you need to convert the forwarding alias into an e-mail account: delete it (the alias) via your Site Manager, and add it as an e-mail account (quota usage and all that is up to you, you should just make it 20MB since you'll be forwarding the mail anyway). Make sure you give it a home directory on the FTP section of that dialogue (can be any directory).

    Now, send some mail to that account, download that e-mail (or use Webmail to view it) and make sure (by inspecting the headers) that it has been through SpamAssassin. If it has, all you need to do now is make/upload a file called .procmailrc (yes, no file name, it's all just an extension) in the home directory for that account, with the following code in it:

    Code:
    :0
    ! myaddress@anotherisp.com
    and obviously replace the address there with the address you want to forward your mail to. Now send another e-mail to the original account, and it should show up at the other account with SpamAssassin headers in tact.

    If you are going to be uploading the file, make sure to do so in ASCII/Text mode, and once uploaded, CHMOD the file to 644.

    Once you get this working, we'll work on enabling RBL for SpamAssassin (not too difficult, you need to use SSH though) and header conditions (can be tricky).
    Fayez Zaheer

  5. #5
    Junior Member
    Join Date
    Sep 2003
    Posts
    20

    Default

    Done and working but the Westhost SpamAssassin headers are replaced by SpamAssassin running at "other_isp.com".

    On a related note, is there something I should do to keep the .procmailrc that I placed in the new name's /ftp/pub secure? In other words, can someone use a spambot to find .procmailrc and get "myaddress@other_isp.com"

  6. #6
    Senior Member FZ's Avatar
    Join Date
    May 2003
    Location
    Johannesburg, South Africa
    Posts
    1,024

    Default

    Hmm, I see. Well, do you have access to the SpamAssassin configuration at the other ISP? If so, you could just enable RBL's for that SA install.

    The whole point of me suggesting was that you'd be able to forward only mail that did NOT match RBL tests on the WestHost server (and delete those that did, i.e. not bother forwarding them at all).

    I don't think the home directory you've assigned (/ftp/pub/username?) is accessible by the public without a username and password, so security should not be an issue. However, if you are paranoid about it, you could create the home directories for your accounts in /usr/home/username, meaning they would definitely not be accessible without the FTP login details for the account.

    Anyway, now you need to get the Perl module "Net:NS" installed to enable SA's RBL tests:

    1. Start an SSH session.

    2. Type cpan and press enter, if this is your first time using it it will ask you some config questions, if you're unsure, just hit enter and it will use the default value each time.

    3. Type install Net:NS and press enter. It should show a flurry of activity, and in the end should install it successfully.

    4. Type exit and press enter.

    5. Type spamassassin -D --lint and press enter, have a look at the output and it should have a line something like this:

    debug: is Net:NS::Resolver available? yes
    6. That's it. RBL lists should be enabled for SA. You can close the SSH session by typing exit and pressing enter.

    7. Now have a look at http://www.spamassassin.org/tests.html for the RBL tests you want to filter.

    8. Add conditions to your .procmailrc that exclude mail that contains the relevant strings, like this (will match most of the test names, but not all, feel free to customize):

    Code:
    :0DH:
    * RCVD_IN_
    /dev/null
    This code would go above your existing code (i.e. the code that will now forward the "remaining mail").

    I would recommend you replace the line /dev/null with something like spambox to move mail that is detected as being blacklisted to a mailbox (text) file, so you can monitor mail for a few days and confirm that no legitimate mail is deleted. Once you are sure that the filtering is working 100%, just replace it with the original code (i.e. /dev/null).

    Let me know how it goes
    Fayez Zaheer

  7. #7
    Junior Member
    Join Date
    Sep 2003
    Posts
    20

    Default

    Thanks for your help with this. I tried installing NetNS but got an error message:

    Warning: Cannot install NetNS, don't know what it is..

  8. #8
    Junior Member
    Join Date
    Sep 2003
    Posts
    20

    Default

    I went ahead and ran: "install Bundle:CPAN and reload cpan"

  9. #9
    Senior Member FZ's Avatar
    Join Date
    May 2003
    Location
    Johannesburg, South Africa
    Posts
    1,024

    Default

    Net:NS vs. NetNS

    The correct one to type is the one with two (2) colons: Net:NS

    I believe it is also case sensitive, so make sure you type it exactly as it appears here.
    Fayez Zaheer

  10. #10
    Junior Member
    Join Date
    Sep 2003
    Posts
    20

    Default

    Working now. I'll go through and edit the SA 'tests'.

    One more question. Is there a way to send a bounce message to those messages I determine to be spam, so that if I reject a legit message the sender will know to contact me via some other means?

    I really appreciate your help! Thanks a million.

Similar Threads

  1. Will RBLs work with mail forwarding
    By A999 in forum E-mail / FTP Management
    Replies: 11
    Last Post: 02-11-2007, 12:28 AM
  2. Mail queue backlog suggestions - best practices?
    By ajparker in forum E-mail / FTP Management
    Replies: 6
    Last Post: 04-01-2005, 12:40 AM
  3. Does anyone on WestHost have Mojo Mail up and running?
    By sitnprettyphoto in forum General Discussion
    Replies: 17
    Last Post: 06-28-2004, 09:49 PM
  4. Junk mail filter for Neomail?
    By trapper in forum E-mail / FTP Management
    Replies: 1
    Last Post: 11-10-2003, 08:16 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •