Hi there ! All my mails, which I send from the office workstation, will be identified as Spam , because my client IP is listed in dnsbl.sorbs.net ! My Server ISPConfig-2.1.2(postix) is not listed in dnsbl.sorbs.net! So is there a method to hide all hosts inside a domain behind their mail gateway, and to make it appear as if the mail comes from the gateway itself, instead of from my office maschine which is listed in some dnsbls. Thanks , Florian I sent a mail to myself and got the following : ------------------------------------------------ Content preview: [...] Content analysis details: (8.5 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 1.0 NO_REAL_NAME From: does not include a real name 0.1 HTML_90_100 BODY: Message is 90% to 100% HTML 1.1 MIME_HTML_MOSTLY BODY: Multipart message mostly text/html MIME 0.0 HTML_MESSAGE BODY: HTML included in message 0.0 BAYES_50 BODY: Bayesian spam probability is 40 to 60% [score: 0.4942] 2.0 RCVD_IN_SORBS_DUL RBL: SORBS: sent directly from dynamic IP address [xx.xxx.xx.175 listed in dnsbl.sorbs.net] 1.9 RCVD_IN_NJABL_DUL RBL: NJABL: dialup sender did non-local SMTP [xx.xx.xx.175 listed in combined.njabl.org] 1.8 MISSING_SUBJECT Missing Subject: header 2.3 EMPTY_MESSAGE Message appears to be empty with no Subject: text -1.8 AWL AWL: From: address is in the auto white-list The original message was not completely plain text, and may be unsafe to open with some email clients; in particular, it may contain a virus, or confirm that your address can receive spam. If you wish to view it, it may be safer to save it to a file and open it with an editor.
Spam If you are not a spammer then you can go to the site and ask them to remove you from the list. If you are, then no, there is no way.
Yes , I can ask to remove the whole IP-Class out of the list . The Spamreport-Mail said: " sent directly from dynamic IP address" , which is not true . The mail was sent by workstation , which IP-Adresse is listed, through our mailserver !! And the mailserver isn't listed ! The problem is, that the client is listed, which send emails through the mailserver. It would be okay if my client send directly mails out !
Sorry, but thats not the way it works... if your workstation ip is listed its because the machine is sending spam and not through your server..
Almost all dynamic IP addresses are blacklisted, but this does not matter at all when your server IP is not listed and you configured your mailclient to use your server as SMTP gateway.
The Mailserver is running on a debian sarge 3.1 ispconfig 2.2.x ! The Mailclient of my workstation is Outlook and the ip of this workstation is listed in a dnbl ! The smtp server of my client is the mailserver . So how can I tell postfix to remove all the header code from the client machine (dynamical ip, which is listed) , to get rid of the spamstatus . Is there a way to configure postfix to do that ? My workstation is a normal client outlook with pop & smtp == ispconfig mailserver postfix . Header of a Mail, which was identified as spam : Return-Path: <[email protected]> X-Original-To: [email protected] Delivered-To: [email protected] Received: from tudc76d48b7eb6 (xxx.xxx.175.26.11.univie.teleweb.at [xx.xx.175]) by server.mydomain.com(Postfix) with ESMTP id E0266704125 for <[email protected]>; Wed, 7 Jun 2006 10:24:19 +0200 (CEST) Message-ID: <001301c68a0b$8040edd0$af4bb23e@tudc76d48b7eb6> From: <[email protected]> To: <[email protected]> Subject: test relay Date: Wed, 7 Jun 2006 10:22:22 +0200 MIME-Version: 1.0 X-Security: MIME headers sanitized on server.mydomain.com See http://www.impsec.org/email-tools/sanitizer-intro.html for details. $Revision: 1.138 $Date: 2003-01-26 11:25:54-08 X-Security: The postmaster has not enabled quarantine of poisoned messages. Content-Type: multipart/alternative; boundary="----=_NextPart_000_0010_01C68A1C.43895970" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2180 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180 X-Virus-Scan: Scanned by TrashScan v0.12 running on server.mydomain.com best regards, Florian
It is not nescessary to remove any headers. As I posted above: It is normal that the IP of your workstation is balcklisted! This will not result in a spam status of the email that is sent trough a non blacklisted gateway! I recommend to do some further research if your mail gateway server is really not blacklisted in any other balcklist. If your email has been marked as spam by spamassasin, please post the spamassassin headers of the message with the scores and rules.
Hi Till ! Here the Message + Headers : Message: --------- Spam detection software, running on the system "panel.wal-net.at", has identified this incoming email as possible spam. The original message has been attached to this so you can view it (if it isn't spam) or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: [...] Content analysis details: (5.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 1.0 NO_REAL_NAME From: does not include a real name 0.1 HTML_90_100 BODY: Message is 90% to 100% HTML 1.1 MIME_HTML_MOSTLY BODY: Multipart message mostly text/html MIME 0.0 HTML_MESSAGE BODY: HTML included in message 0.0 BAYES_50 BODY: Bayesian spam probability is 40 to 60% [score: 0.4995] 1.9 RCVD_IN_NJABL_DUL RBL: NJABL: dialup sender did non-local SMTP [62.178.75.175 listed in combined.njabl.org] 1.5 AWL AWL: From: address is in the auto white-list The original message was not completely plain text, and may be unsafe to open with some email clients; in particular, it may contain a virus, or confirm that your address can receive spam. If you wish to view it, it may be safer to save it to a file and open it with an editor. Headersource of the original Message: Return-Path: <[email protected]> X-Original-To: [email protected] Delivered-To: [email protected] Received: from tudc76d48b7eb6 (chello062178075175.26.11.univie.teleweb.at [62.178.75.175]) by panel.wal-net.at (Postfix) with ESMTP id 184DC704125 for <[email protected]>; Wed, 7 Jun 2006 13:10:41 +0200 (CEST) Message-ID: <000a01c68a22$bd2b71e0$af4bb23e@tudc76d48b7eb6> From: <[email protected]> To: <[email protected]> Subject: TEST MAIL Date: Wed, 7 Jun 2006 13:08:42 +0200 MIME-Version: 1.0 X-Security: MIME headers sanitized on panel.wal-net.at See http://www.impsec.org/email-tools/sanitizer-intro.html for details. $Revision: 1.138 $Date: 2003-01-26 11:25:54-08 X-Security: The postmaster has not enabled quarantine of poisoned messages. Content-Type: multipart/alternative; boundary="----=_NextPart_000_0007_01C68A33.806F2290" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2180 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180 X-Virus-Scan: Scanned by TrashScan v0.12 running on panel.wal-net.at This is a multi-part message in MIME format. ------=_NextPart_000_0007_01C68A33.806F2290 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable ------=_NextPart_000_0007_01C68A33.806F2290 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <META http-equiv=3DContent-Type content=3D"text/html; = charset=3Diso-8859-1"> <META content=3D"MSHTML 6.00.2900.2802" name=3DGENERATOR> <STYLE></STYLE> </HEAD> <BODY bgColor=3D#ffffff> <DIV> </DIV></BODY></HTML> ------=_NextPart_000_0007_01C68A33.806F2290-- --------------- Thanks, Florian
It seems as if you're sending from chello062178075175.26.11.univie.teleweb.at directly to panel.wal-net.at. Which SMTP server are you using in your Outlook Express settings?
I use panel.wal-net.at as SMTP server for all my outgoing mails ! Should I use another server ? regards , Florian
You can try that. But in the above exaample you sent to an account that is on panel.wal-net.at, right?
Above example : - Mail to [email protected] -> [email protected] - [email protected] is on panel.wal-net.at - smtp localdelivery (procmail) - smtp auth ----------------------- A lot of people who use Ispconfig(postfix+spamassasign) as outgoing mailserver , should have the same problem, if the use dynamical ips as workstation like i do . I can delete the spamrules out of procmail spamassasin configuration. I'm afraid that a lot of other server with the same configuration will identify all my mail as spam. thanks for your time Till , you do a great job florian
Yes , I have configured postfix to use some of those blacklists ! And here is my main.cf: --------------------------------------------------- panel:/etc/postfix# vi main.cf # See /usr/share/postfix/main.cf.dist for a commented, more complete version smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) biff = no # appending .domain is the MUA's job. append_dot_mydomain = no # Uncomment the next line to generate "delayed mail" warnings #delay_warning_time = 4h bounce_queue_lifetime = 2d myhostname = panel.wal-net.at smtpd_helo_required = yes smtpd_helo_restrictions = reject_invalid_hostname alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = /etc/mailname #mydestination = wal-net.at, silvester.wal-net.at, localhost.wal-net.at, localhost relayhost = mynetworks = 127.0.0.0/8 mailbox_command = mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all smtpd_sasl_local_domain = smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous broken_sasl_auth_clients = yes smtpd_recipient_restrictions = permit_sasl_authenticated,reject_rbl_client relays.ordb.org,reject_rbl_client opm.blitzed.org,reject_rbl_client list.dsbl.org, reject_rbl_client sbl.spamhaus.org,reject_rbl_client cbl.abuseat.org,reject_rbl_client dul.dnsbl.sorbs.net,permit_mynetworks,reject_unauth_destination smtpd_tls_auth_only = no smtpd_use_tls = no smtp_tls_note_starttls_offer = no smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_session_cache_timeout = 3600s tls_random_source = dev:/dev/urandom home_mailbox = Maildir/ virtual_maps = hash:/etc/postfix/virtusertable mydestination = /etc/postfix/local-host-names
I have also enabled smtp authentication and without a sucessfull smtp authentication I'll got an relaying denied error from my mailserver ! ( Thats okay so , thats why I'll don't remove those lines out of the main.cf). --> All those lines will be ignored if smtpauth was sucessfully. So it makes no sense to remove it. thanks till and falko for your help, regards florian