Qmail RBL NDR

Forum for getting help with Project Gamera, Spamassassin, Clamav, qmail-scanner and other anti-spam tools.
Post Reply
raverX
Forum User
Forum User
Posts: 16
Joined: Tue Jan 16, 2007 5:47 pm

Qmail RBL NDR

Unread post by raverX »

We're running a number of Plesk 8 boxes (RHEL3 and RHEL4 based) with ART's packages..

Recently put in the RBL's zen.spamhaus.org, cbl.abuseat.org and bl.spamcop.net in the smtp_pas service checking

This has done wonders for dropping down the rate of incoming spam and lowering SpamAssassin's overhead which was seriously killing our servers.

Up till today I've only had one client ring with a problem, and that was that they couldn't send via our SMTP server as they were on a CBL. They did mention "some sort of error message" from their email client, which sounded like an NDR from our SMTP server.

I've just had a client ring up as he had been trying to send test emails to a domain we host and nothing was coming through. It wasn't till he sent a test email through to our head office (which runs amavis+postfix+etc) that he received an NDR saying he was listing on a PBL and thought it was odd that our servers weren't giving him the same error message.

Is there any way to test that our systems ARE infact reporting the correct RBL NDR to MTA's that attempt to deliver to our server?

Is there any way to disable NDR's for RBL's - that we might have inadvertantly disabled - so we can re-enabled it?
Top
Highland
Forum Regular
Forum Regular
Posts: 674
Joined: Mon Apr 10, 2006 12:55 pm

Unread post by Highland »

Try this first to see if they are blacklisted. If they don't know their IP, point them to whatismyip.com

http://www.mxtoolbox.com/blacklists.aspx
Top
raverX
Forum User
Forum User
Posts: 16
Joined: Tue Jan 16, 2007 5:47 pm

Unread post by raverX »

Highland wrote:Try this first to see if they are blacklisted. If they don't know their IP, point them to whatismyip.com

http://www.mxtoolbox.com/blacklists.aspx
hey scott,

thanks for the url.. problem i need to verify tho is whether our server(s) are producing an NDR to people who are blocked or not, as if it isn't then there's a lot of mail that people think they've sent to our servers, which has not been delivered, and they won't know this...
Top
raverX
Forum User
Forum User
Posts: 16
Joined: Tue Jan 16, 2007 5:47 pm

Unread post by raverX »

for anyone interested i found a way to test the responses

http://www.thedjbway.org/djbrbl/rblsmtpd.html

from shell/cli,

TCPREMOTEIP="202.63.160.111" rblsmtpd -B -t 300 -r sbl-xbl.spamhaus.org echo "hello"

i also added -b -t 300 to my /etc/xinetd.d/smtp_psa which changes the response 451 (temporary error) to 511 (blocked) - since i found some mail servers don't pass on the error to the user based on a 45x error (temporary error = retry) and they might never know they've been bounced

Code: Select all

        server          = /var/qmail/bin/tcp-env
        server_args     = -Rt0 /usr/sbin/rblsmtpd -b -t 300 -r bl.spamcop.net -r cbl.abuseat.org -r zen.spamhaus.org /var/qmail/bin/relaylock /var/qmail/bin/qmail-smtpd /var/qmail/bin/smtp_auth /var/qmail/bin/true /var/qmail/bin/cmd5checkpw /var/qmail/bin/true
Top
Post Reply

Return to “Anti-Spam Help and Discussion”