Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Spamhaus troubles, Auth headers?

0 views
Skip to first unread message

FLoh Leeber

unread,
Apr 29, 2011, 12:27:37 PM4/29/11
to
Dear all,

the following issue makes me scratch my head:

1) User with dynamic IP wants to send mail to my mail server with SMTP Auth
2) Mail get accepted and is delivered locally
3) My SpamAssassin filters the mail into Junk, because the original IP
address is on a dynamic blacklist by Spamhaus. The provider of the user
voted in to list all his dynamic ranges there. So no chance to get off.
Even worse, also mail sent to external addresses might get blocked that way.

My users find it comfortabel to be able to use the same SMTP server from
around the world... I don´t want to suggest them that they go back to
SMTp server switching!

SpamAssassin claims that it would respect Auth tokens in the received
lines, but is this possible with qmail? See
http://wiki.apache.org/spamassassin/DynablockIssues
"...RCVD_IN_DYNABLOCK" .. its not 100% that issue, but its the same scheme.

It starts to suck now. In the global War Against Spam we are willing to
give up all sense and comfort of email. Soon this scheme of
communication will be unusable.

regards Florian


--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-...@muc.de

John Levine

unread,
Apr 29, 2011, 12:37:00 PM4/29/11
to
>SpamAssassin claims that it would respect Auth tokens in the received
>lines, but is this possible with qmail? See
>http://wiki.apache.org/spamassassin/DynablockIssues
>"...RCVD_IN_DYNABLOCK" .. its not 100% that issue, but its the same scheme.

You may have to twiddle its patterns to recognize the headers that
qmail-smtpd adds. It shouldn't be a big deal. Or fix the problem for
real by separating your MX and your submission servers. Change the MX,
leave the submission server in the same place so your users don't have
to reconfigure.

>It starts to suck now. In the global War Against Spam we are willing to
>give up all sense and comfort of email. Soon this scheme of
>communication will be unusable.

Sigh. That particular complaint is so 1997.

R's,
John

Erwin Hoffmann

unread,
Apr 29, 2011, 5:18:08 PM4/29/11
to
Hi FLoh,

On Fri, 29 Apr 2011 18:27:37 +0200
FLoh Leeber <fl...@bin.org.in> wrote:

> Dear all,
>
> the following issue makes me scratch my head:
>
> 1) User with dynamic IP wants to send mail to my mail server with SMTP Auth
> 2) Mail get accepted and is delivered locally
> 3) My SpamAssassin filters the mail into Junk, because the original IP
> address is on a dynamic blacklist by Spamhaus. The provider of the user
> voted in to list all his dynamic ranges there. So no chance to get off.
> Even worse, also mail sent to external addresses might get blocked that way.
>
> My users find it comfortabel to be able to use the same SMTP server from
> around the world... I don´t want to suggest them that they go back to
> SMTp server switching!
>
> SpamAssassin claims that it would respect Auth tokens in the received
> lines, but is this possible with qmail? See
> http://wiki.apache.org/spamassassin/DynablockIssues
> "...RCVD_IN_DYNABLOCK" .. its not 100% that issue, but its the same scheme.

Hm. Since vanilla qmail does not support SMTP Auth out-of-the-box, you probably use a patched version.

Thus, it would be helpful if you tell us in some more detail what is going on; in particular provide us with the problematic header line.

If you have used my SMTP Auth patch for qmail, this should not be a problem.

Pls. check http://www.fehcom.de/qmail/smtpauth.html

regards.
--eh.

>
> It starts to suck now. In the global War Against Spam we are willing to
> give up all sense and comfort of email. Soon this scheme of
> communication will be unusable.
>
> regards Florian
>
>


--
Dr. Erwin Hoffmann | FEHCom | http://www.fehcom.de

0 new messages