DNSBL not working

Discuss the Scalix Server software

Moderators: ScalixSupport, admin

TRACKS
Posts: 106
Joined: Mon Feb 19, 2007 4:56 pm

DNSBL not working

Postby TRACKS » Wed Mar 21, 2007 6:13 pm

I found in the Setup and configuration guide by adding
SUBMIT log_reject DNSBL,bl.spamcop.net,ALL
To my smtpd file and restarting the service this would make the DNSBL work however I am finding a lot of SPAM coming through that is listed on this DNSBL

I had the following in my smtpd file

SUBMIT log_reject DNSBL,dnsbl.sorbs.net,ALL
SUBMIT log_reject DNSBL,bl.spamcop.net,ALL

Is that the only statement that needs to be added to make this work or did miss something? Is their a problem adding two?
TRACKS
4000+ users

KevinAnderson

Postby KevinAnderson » Wed Mar 21, 2007 6:57 pm

Those don't belong in smtpd.cfg.

There are several guides here:

http://www.scalix.com/wiki/index.php?ti ... il_Hygiene

Kev.

kurtbe
Posts: 74
Joined: Sun Aug 13, 2006 11:39 am
Location: Germany/Berlin
Contact:

Postby kurtbe » Thu Mar 22, 2007 7:01 am

Hello there,

Scalix V11 Setup guide says:

of IP addresses to be avoided. This can be useful as a means to block known spammers.
To create a DNS Block List:
1 Go to the file ~/sys/smtpd.cfg
2 Add the following lines.
# Reject and log submission from addresses listed in bl.spamcop.
net:
SUBMIT log_reject DNSBL,bl.spamcop.net,ALL
3 Restart the smtpd service.
omoff -d0 -w smtpd
omon smtpd


If TRACKS is using Scalix V11 this answer was not quite correct ....

EDIT: ... Signature says it, Scalix V11 related ...
Implenting DNSBL to my Scalix Servers is on the ToDo List ...

TRACKS
Posts: 106
Joined: Mon Feb 19, 2007 4:56 pm

Postby TRACKS » Thu Mar 22, 2007 9:16 am

You posted what I was reading! I am running Scalix 11.0.2.28 Red Hat ES4

I have read all about implementing SPAM Assassin however I would not like to complicate the system any more than necessary So DNSBL is the best choice if I can get it to work
TRACKS
4000+ users

kurtbe
Posts: 74
Joined: Sun Aug 13, 2006 11:39 am
Location: Germany/Berlin
Contact:

Postby kurtbe » Thu Mar 22, 2007 9:21 am

'm sorry TRACKS,

I wanted to make it clear to KevinAnderson because I thought he didn't take care of this new feature in Scalix V11 in his answer...

Perhaps anyone out there have DNSBL implented in his scalix environment and can commit that it works even with multiple DNSBL-Services?

TRACKS
Posts: 106
Joined: Mon Feb 19, 2007 4:56 pm

Postby TRACKS » Thu Mar 22, 2007 9:34 am

No need to be sorry! I was just stating the you posted the part out of the manual that I read to make the change. I don’t know why it’s in the manual if it doesn’t work.
TRACKS
4000+ users

KevinAnderson

Postby KevinAnderson » Thu Mar 22, 2007 2:14 pm

Sorry, I was thinking you were still on 10. Are you seeing anything in omshowlog -p 90 that would indicate smtp rejections of mail coming in? Just wondering if you're seeing some rejections or none.

Kev.

TRACKS
Posts: 106
Joined: Mon Feb 19, 2007 4:56 pm

Postby TRACKS » Thu Mar 22, 2007 2:44 pm

Not seeing anything

[OM 4884] omshowlog : No logged records match the specified criteria
TRACKS
4000+ users

TRACKS
Posts: 106
Joined: Mon Feb 19, 2007 4:56 pm

Postby TRACKS » Fri Mar 23, 2007 9:51 am

Kevin,

The rule is simply not catching anything I have verified that all the messages coming through are listed in DNSBL and there is nothing in the logs. Is their a way to set the logging level so I can look and see if it’s doing anything with the DNSBL?

Any ideas?
TRACKS
4000+ users

grubi
Posts: 55
Joined: Fri Jan 12, 2007 5:46 pm

Postby grubi » Sat Mar 24, 2007 10:53 am

kurtbe wrote:'m sorry TRACKS,

I wanted to make it clear to KevinAnderson because I thought he didn't take care of this new feature in Scalix V11 in his answer...

Perhaps anyone out there have DNSBL implented in his scalix environment and can commit that it works even with multiple DNSBL-Services?


Yes but we use DNSBL feature of Sendmail so this is a different setup

grubi
Last edited by grubi on Sat Mar 24, 2007 11:04 am, edited 1 time in total.

TRACKS
Posts: 106
Joined: Mon Feb 19, 2007 4:56 pm

Postby TRACKS » Sat Mar 24, 2007 11:04 am

From what I understand adding this DNSBL:
FEATURE(`dnsbl', `relays.ordb.org', `Rejected - see http://ordb.org/')dnl

to the Sendmail.mc file does not work in Scalix 11 because Sendmail only processes outbound mail and the smtpd file processes inbound.
TRACKS
4000+ users

grubi
Posts: 55
Joined: Fri Jan 12, 2007 5:46 pm

Postby grubi » Sat Mar 24, 2007 11:18 am

TRACKS wrote:From what I understand adding this DNSBL:
FEATURE(`dnsbl', `relays.ordb.org', `Rejected - see http://ordb.org/')dnl

to the Sendmail.mc file does not work in Scalix 11 because Sendmail only processes outbound mail and the smtpd file processes inbound.


That is true and that is the reason I wrote it is a different setup. You can (and that's what we did) make sendmail the primary listening mta at port 25 and make smtpd only a mail submission server listening on port 587. This is a prerequisit to use DNSBL and also greylisting with sendmail.

grubi.

TRACKS
Posts: 106
Joined: Mon Feb 19, 2007 4:56 pm

Postby TRACKS » Tue Mar 27, 2007 10:27 am

I know it will work if I make Sendmail handle inbound and outbound mail. However according to the posted documentation I shouldn’t have to do this. I would like to know why the settings provided are not working. I don’t want to just start making changes that might mask a previous problem.

It appears like the SUBMIT=ON statement is not working in the smtpd.cfg file
TRACKS
4000+ users

grubi
Posts: 55
Joined: Fri Jan 12, 2007 5:46 pm

Postby grubi » Tue Mar 27, 2007 12:26 pm

TRACKS wrote:I know it will work if I make Sendmail handle inbound and outbound mail. However according to the posted documentation I shouldn’t have to do this. I would like to know why the settings provided are not working. I don’t want to just start making changes that might mask a previous problem.

It appears like the SUBMIT=ON statement is not working in the smtpd.cfg file


Maybe I missed anything obvious here, but what has "SUBMIT=ON" to do with DNSBL?
This setting enables the mail submission server on port 587 and it works in our configuration.

Regards,
grubi

KevinAnderson

Postby KevinAnderson » Tue Mar 27, 2007 4:45 pm

I am currently testing this to see if I can replicate this problem.

Kev.


Return to “Scalix Server”



Who is online

Users browsing this forum: No registered users and 2 guests

cron