Bug: DNSBL checks supersede SMTP-AUTH

[goebelmeier]

Hey folks,

i just migrated from Plesk 8.6.0 to 9.2.1 (and from qmail to postfix too) and had to recognize that every incoming email is checked against DNSBL. In my opinion this should only be done if there is no AUTH request sent by client. I had to remove all DNSBL blocking dynamic IPs to let my customers send email again.

Are there any other fixes yet, which allow me to enable my favourite blacklists again?

Regards, Timo

 

[albans]

Hello,

If you're using postfix, it's pretty easy to correct.
Check this post: http://forum.parallels.com/showthread.php?t=85930&highlight=postfix
It concerns /etc/postfix/main.cf

If you're using qmail, you've to enable another SMTP port (587) for sending email with no RBL checks. It can be done via the Plesk control panel, under "mail server settings".

 

[sbillis]

Hi,

I don't think that this is a bug. I also came across this when using SSL (I'm using qmail with tcp-env) and told my users to either:
a) Use their ISP mail relay host.
b) Get a fixed IP address or stop sending spam from their fixed IP address.

This is a very useful feature as it helps stop the flow of spam across the internet. Consider this... you have a customer who signs up with you and all is well for a few days.... They become infected with a trojan and are turned into a spam bot. All mail from their IP address is blocked except via your server. You get a rep as a spam relay.

If you want to examine further the arguments that are passed to tcp-env by xinetd see (for example) /etc/xinet.d/smtps_psa

As the post above also states, using the SMTP submission port also negates the DNSBL checks.

 

[goebelmeier]

If you're using postfix, it's pretty easy to correct. Check this post: http://forum.parallels.com/showthread.php?t=85930&highlight=postfix It concerns /etc/postfix/main.cf

Thanks, this fixed my problems!