dsnbl

Best practice information from Scalix users relating to integration of Scalix with other products.

Moderator: ScalixSupport

dvichas
Posts: 17
Joined: Fri Sep 22, 2006 4:40 pm

dsnbl

Postby dvichas » Sun Oct 15, 2006 1:17 am

How do i configure dnsbl with scalix? i'm currently using spamassassin but still getting hammered with spam. i would like my server just to drop any connection from hosts that have been blacklisted.

chris
Scalix Star
Scalix Star
Posts: 321
Joined: Mon May 09, 2005 2:56 pm
Location: Freiburg, Germany

Postby chris » Mon Oct 16, 2006 4:16 pm

Hi dvichas,

you can't directly configure rbl's into Scalix's MTA. Because Scalix's smtpd listens to the ip_addr:25 the first place that rbl's can be processed locally is in spamassassin.

The best way to have your mail server drop connections directly is to place a postfix relay in front of your Scalix deployment - that would also be the place to do greylisting etc.

Cheers,

Chris

dvichas
Posts: 17
Joined: Fri Sep 22, 2006 4:40 pm

Postby dvichas » Mon Oct 16, 2006 6:00 pm

can spamassassin be configured for rbl's? i realize i might need to take this question to the spam assassin list

chris
Scalix Star
Scalix Star
Posts: 321
Joined: Mon May 09, 2005 2:56 pm
Location: Freiburg, Germany

Postby chris » Tue Oct 17, 2006 4:18 am

Hi dvichas,

spamassassin can be configured to use rbl's - in fact it is by default. What of course won't happen is, that the connections won't be dropped at the socket level.

See http://wiki.apache.org/spamassassin/DnsBlocklists for more on configuring spamassassin to use rbl's.

Chris

dvichas
Posts: 17
Joined: Fri Sep 22, 2006 4:40 pm

Postby dvichas » Tue Oct 17, 2006 1:58 pm

is sendmail used in a scalix setup for sending, recieving, or both?

i added some config in my sendmail.cf file for rbl but not sure if it's doing anything.

chris
Scalix Star
Scalix Star
Posts: 321
Joined: Mon May 09, 2005 2:56 pm
Location: Freiburg, Germany

Postby chris » Tue Oct 17, 2006 2:09 pm

Scalix uses it's own smtpd to recieve mail from the outside.

Scalix uses sendmail to send mail to the outside.

That means, that if you configure rbl's in sendmail they will never do anything, because sendmail doesn't receive ingress mail.

Check this thread for more: http://www.scalix.com/community/viewtopic.php?t=4274

I just wrote it this afternoon.

Cheers,

Chris

stevemurphy
Posts: 38
Joined: Fri Dec 02, 2005 2:31 pm
Location: Albany, NY
Contact:

Postby stevemurphy » Tue Oct 17, 2006 10:19 pm

Another simplier approach is to simply disable Scalix's smtp daemon and use sendmail as the MTA. My company has been using this configuration for almost a year now with no issues, other than having to make sure to disable Scalix's smtpd again after upgrades.

To disable Scalix's smtpd, run 'omsetsvc -a smtpd n; omoff -d0 smtpd'. Then add the RBLs in /etc/mail/sendmail.mc. Here are the entries from the bottom of my sendmail.mc file:

FEATURE(`dnsbl', `list.dsbl.org')dnl
FEATURE(`dnsbl', `bl.spamcop.net')dnl
FEATURE(`dnsbl', `xbl-sbl.spamhaus.org')dnl

You will also need to make sure sendmail is configured to listen on an ip other than localhost.. This can be done by adding the following line to sendmail.mc with your external IP:

DAEMON_OPTIONS(`Port=smtp,Addr=xxx.xxx.xxx.xxx, Name=MTA')dnl

After editing /etc/mail/sendmail.mc, run make in the /etc/mail/ directory to update sendmail.cf. Then run omsendin to make Scalix's modifications to sendmail.cf. Restart Sendmail and test.


Return to “Third Party Integration”



Who is online

Users browsing this forum: No registered users and 2 guests