1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice

qmail & greylisting spam control

Discussion in 'Plesk for Linux - 8.x and Older' started by bmeshier, Nov 8, 2005.

  1. bmeshier

    bmeshier Guest

    0
     
    For those looking for a simple, maintenance free spam solution, check out greylisting. It's highly effective (far more than spamassasin and the like). Before you continue, I suggest reading the white paper to get a firm grasp of what greylisting is:
    http://projects.puremagic.com/greylisting/whitepaper.html

    I've rolled together qmail 1.03 with greylisting support specifically compiled for Plesk servers (includes SW Soft's qmail patches). I've tested on 7.1.x, 7.5.x and 8.0.x systems. I've been running it on 4 production servers for the last 18 months, without problems. It will reduce server load dramatically on systems with high mail volume. I've repackaged qmail in to a tarball and will provide the source code upon request. I can also install on your server.

    Instructions and source here:
    http://meshier.com/2006/09/18/adding-greylisting-support-to-qmail-on-plesk-8/

    Brent Meshier
    http://carbonblock.net/
    brent@carbonblock.net
     
  2. rvdmeer

    rvdmeer Guest

    0
     
    What is the basic retry queue time from an healty mail server?
    Some told me its around 4 hours. This means that the server is not accepting the email for the first 4 hours. Unhandy if an customer is waiting for an subscripe mail..

    What is your experience with this?
     
  3. bmeshier

    bmeshier Guest

    0
     
    My configuration is setup to block unknown triplets for 5 minutes. If the recipient has received mail before from that sender & IP, there is no delay. Most mail servers retry within the hour. Here is some actual research on greylisting

    http://www.decf.berkeley.edu/help/mail/greylisting-stats.html
     
  4. rvdmeer

    rvdmeer Guest

    0
     
    Is it possible for you to create a small howto?
     
  5. bmeshier

    bmeshier Guest

    0
     
  6. csidewebhost

    csidewebhost Guest

    0
     
  7. bmeshier

    bmeshier Guest

    0
     
    That patch WILL NOT work with Plesk servers. My HOW-TO is for Plesk users as the forum suggests. From the qgreylist page, it clearly states that qgreylist is not compatable with SMTP AUTH., which is just one of many reasons why it doesn't work with Plesk. Also, qgreylist is not a true implementation as developed by Evan Harris (puremagic.com)
     
  8. rvdmeer

    rvdmeer Guest

    0
     
    bmeshier, thanks for your howto, i'll test it on the test server asap. Are you able to put this tar ball on the internet
     
  9. bmeshier

    bmeshier Guest

    0
     
    No, but email me, bmeshier@gmail.com and I'll send it over to you.
     
  10. rvdmeer

    rvdmeer Guest

    0
     
    mail was send as requested
     
  11. rvdmeer

    rvdmeer Guest

    0
     
    Ok, did some testing but i dont get it running.
    I really do need some more security because of the current mail load. Greylisting would be perfect.. if its working.

    ANy other greylisting plugins for qmail? (plesk configuration compatible)
     
  12. bmeshier

    bmeshier Guest

    0
     
    What part of the installation were you having problems with? My plesk implementation is the only that exists.
     
  13. rvdmeer

    rvdmeer Guest

    0
     
    well.. i did everything according to the howto...
    but if i do a telnet locally its accepting like it should. Also from other connections its accepting it.

    Checked the table but no records in the table.
     
  14. bmeshier

    bmeshier Guest

    0
     
    Greylisting doesn't start that early in the connection. It waits until it has the sender's address:
    Code:
    -> MAIL FROM: <sender@somedomain.com>
    <- 250 2.1.0 Sender ok
    -> RCPT TO: <recipient@otherdomain.com>
    <- 451 4.7.1 Please try again later
    
    Remember, greylisting is done by a triplet (relay IP, sender, recipient)

    I suggest reading the whitepaper:
    http://projects.puremagic.com/greylisting/whitepaper.html
     
  15. rvdmeer

    rvdmeer Guest

    0
     
    that i also checked.

     
  16. bmeshier

    bmeshier Guest

    0
     
    Did you copy the newly compiled qmail-envelope-scanner and qmail-smtpd to your qmail/bin directory and restart qmail? If so, do you have a file called /tmp/greylist_dbg.txt?
     
  17. rvdmeer

    rvdmeer Guest

    0
     
    yes, and i do have that file.

     
  18. bmeshier

    bmeshier Guest

    0
     
    Strange, you should see something like this:
    Code:
    
    --------
    protocol = notneeded4qmail [email]anonymous@plesk.com[/email]
    SQL: ret=0  |SELECT id, block_expires > NOW(), block_expires < NOW() FROM relaytofrom WHERE record_expires > NOW()  AND mail_from IS NULL AND rcpt_to IS NULL AND (relay_ip = '69.64.46.29' OR relay_ip = '69.64.46' OR relay_ip = '69.64' OR relay_ip = '69') ORDER BY length(relay_ip)|
    SQL: ret=0  |SELECT id, block_expires > NOW(), block_expires < NOW() FROM relaytofrom WHERE record_expires > NOW()  AND mail_from IS NULL AND relay_ip IS NULL AND rcpt_to = 'meshier.com'|
    SQL: ret=0  |SELECT id, NOW() > block_expires FROM relaytofrom WHERE record_expires > NOW() AND mail_from = 'anonymous@plesk.com'  AND rcpt_to   = 'brent@meshier.com' AND relay_ip  like '69.64.46%' order by block_expires desc|
    SQL: ret=0  |update relaytofrom set record_expires = NOW() + INTERVAL 36 DAY, passed_count = passed_count + 1 where id ='259503'|
    [email]anonymous@plesk.com[/email] -> [email]brent@meshier.com[/email] (69.64.46.29) Exists Accept id = 259503  expire = 1
    
    What entries do you have in the MySQL table?
     
  19. rvdmeer

    rvdmeer Guest

    0
     
    Thats the problem perhaps.. it doesnt insert anything into the database. I'll checked the config several times before compiling and flushed all the permissions on sql.. still nothing...
     
  20. rvdmeer

    rvdmeer Guest

    0
     
    I think i got it working...

    220 extre.nl ESMTP
    helo there
    250 extre.nl
    mail from ronald@qworks.net
    250 ok
    rcpt to: ronald@q-works.net
    421 temporary envelope failure (#4.3.0)

    busy testing
     
Loading...