Spam is Killing us?

[viruseater]

gah...

nevermind. I see that Plesk 8.1 does NOT like multiple lists in the MAPS text field in the cp.

ugh... I've got to figure this out.

ART I don't see any up2date info on your site. yum only?

 

[atomicturtle]

Just scroll down For the impatient (pasted from the web page)
Up2date Configuration
RHEL3, RHEL4

Manual Configuration: RHEL3
edit /etc/sysconfig/rhn/sources
# Atomic
yum atomic http://3es.atomicrocketturtle.com/atomic/art/3ES/

# Atomic App Vault
yum atomic-app-vault http://3es.atomicrocketturtle.com/atomic/app-vault/

# SW-Soft PSA 8.0
yum psa-8.0 http://3es.atomicrocketturtle.com/atomic/psa-8.0/3ES/

Manual Configuration: RHEL4
edit /etc/sysconfig/rhn/sources
# Atomic
yum atomic http://3es.atomicrocketturtle.com/atomic/art/4ES/

# Atomic App Vault
yum atomic-app-vault http://3es.atomicrocketturtle.com/atomic/app-vault/

# SW-Soft PSA 8.0
yum psa-8.0 http://3es.atomicrocketturtle.com/atomic/psa-8.0/4ES/

 

[jwdick]

Re: Re: Greylisting ...

Originally posted by lpittman
Hi Joao,

A combination of Spam Assassin, greylist, dcc, razor, pyzor, blocklists and SPF is what you need. They are all cover slightly different things.

Luke

What do you have your SPF set to? i.e. Are you only blocking "fail"? A lot of sites still do not use SPF and therefore, legitimate mail has a value of "none".

 

[viruseater]

Originally posted by atomicturtle
Just scroll down For the impatient (pasted from the web page)
Up2date Configuration
RHEL3, RHEL4

Manual Configuration: RHEL3
edit /etc/sysconfig/rhn/sources
# Atomic
yum atomic http://3es.atomicrocketturtle.com/atomic/art/3ES/

# Atomic App Vault
yum atomic-app-vault http://3es.atomicrocketturtle.com/atomic/app-vault/

# SW-Soft PSA 8.0
yum psa-8.0 http://3es.atomicrocketturtle.com/atomic/psa-8.0/3ES/

Manual Configuration: RHEL4
edit /etc/sysconfig/rhn/sources
# Atomic
yum atomic http://3es.atomicrocketturtle.com/atomic/art/4ES/

# Atomic App Vault
yum atomic-app-vault http://3es.atomicrocketturtle.com/atomic/app-vault/

# SW-Soft PSA 8.0
yum psa-8.0 http://3es.atomicrocketturtle.com/atomic/psa-8.0/4ES/

Thanks

In my defence I had been awake all night and was exhausted.

 

[NightMan]

atomic> I got installed the graylisting, but where do I find the configuration file for this?

 

[jwdick]

Look at /var/qmail/bin for the "greylist" file

 

[NightMan]

thanks found it.
Anyway is there any way to set-up whitelist? like bypassing this filter for internal mails(within the server)?

 

[NightMan]

atomic, your yum channel is working fine now. thank you for fixing it.

by the way, your PM mailbox is full..

 

[jwdick]

Originally posted by NightMan
thanks found it.
Anyway is there any way to set-up whitelist? like bypassing this filter for internal mails(within the server)?

There is a statement in the "greylist" file that gives the path for the whitelist. If it is commented out, uncomment it. Then create the whitelist folder: ie "/var/qmail/whitelist". Make the ownership the same as the greylist folder and place the empty file with the ip address that you want to greylist.

It will also skip this check if you add the ip address in the control panel under <SERVER><MAIL><WHITELIST>

 

[NightMan]

Atomic or anyone else,
have you tried this plugin for spam mails with images?

http://fuzzyocr.own-hero.net/

 

[atomicturtle]

Yep, I've been running it on my Project Gamera servers for a few months now. I just havent gotten around to pushing it into the atomic channel yet. Its a pretty big change, and to date Ive only done any integration on it for CentOS4.

 

[NightMan]

sounds good. is it safe to install from that link I posted? will it brake anything with PLESK?

 

[atomicturtle]

I have no idea, Im not using that implementation.

 

[ACID25]

Hi

i´ve installed the packages without any errors, then i restart spamd and i found this in the maillog

spamc[32107]: connect(AF_UNIX) to spamd /tmp/spamd_full.sock failed: No such file or directory

So where´re these files gone??

spamd_full.sock
spamd_light.sock

and how can i get this files back??

THX and regards
ACID25

 

[ACID25]

Hi

forgot the questuion above, i fixed this with restarting psa-spamassasin

but how can i check that the new installed packages are integrated in psa-spamassassin and work? Is any other config needed for razor-agents, dcc and pyzor? Are they now working server-wide or use it only the default user configs

THX FOR HELP

regards
ACID25

 

[ACID25]

Hi

i installed this greylisting....and it works fine now, but some customers complains that they got a message like this, whne they want to send mails

Temporary local problem - try later', Port: 25, Secure (SSL): Nein, Serverfehler: 450, Fehlernummer: 0x800CCC79

So is it possible to increase the timouts in qmail or greylisting so that this message go away?

best regards
ACID25

 

[NightMan]

ACID>
As far I know, this is excatly greylisting doing. it simply send a 450 error "Temporary local problem try again later" and add the ip to the white list as well. this means the remort mail server will try again and next time it will go through without any error.

most of the spam servers does not use these features so they do not try again.

but if a spam send from a legitimate server then it will get rejected and go through next time..

 

[ACID25]

Hi


thx for that informationen, then the messages should gone away if the customer send the message second times to the same recipient.

regards
ACID25

 

[jwdick]

The message will go away AFTER your greylist timeout period if the customer resends the email. If your customer is on a dynamic ip that changes frequently, you should warn them that they might see this message whenever their ip address changes unless it stays within the same "class 3" range.