Spam filter disabled but no more spam !

Discussion in 'General' started by funkix, Jan 16, 2008.

  1. funkix

    funkix New Member

    I changed my webserver a few days ago, it was a chance to install the new box from scratch with a fedora core 6 and ispconfig (2.2.18), plus postfix 2.4.5-2 for the mail part.

    With the old box I used to receive around 200 spams per day. With the new box, with all the previous email addresses, I don't get any. Seems good ... but the spam filter is disabled !

    How is it possible ? I receive some non-spam messages, but I wonder if I don't lose some messages anyway !
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Please have a look into your mail log if you find any errors there.
     
  3. funkix

    funkix New Member

    I had a look but found nothing suspicious. It seems that the spam messages don't arrive in the MTA (postfix), is it possible that they are dropped before ?

    Or perhaps that the spammers decided not to spam my emails anymore, but I don't believe this one ;-)
     
  4. falko

    falko Super Moderator Howtoforge Staff

    Please make sure that the MX records for your domains are pointing to the new server. You can check that with
    Code:
    dig mx yourdomain.com
     
  5. funkix

    funkix New Member

    I ran the dig command from the server, it's ok :

    ;; AUTHORITY SECTION:
    mydomain.com. 86400 IN SOA myserver.ovh.net. contact.mydomain.com. 2007122301 28800 7200 604800 86400

    But when I run it from home, I have no ANSWER section, nor AUTHORITY section.

    When I run the dig mx command from home on a well-known domain name I got this :

    $ dig mx voila.fr

    ; <<>> DiG 9.2.2 <<>> mx voila.fr
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38217
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;voila.fr. IN MX

    ;; ANSWER SECTION:
    voila.fr. 1986 IN MX 10 smtp.voila.fr.

    ;; Query time: 495 msec
    ;; SERVER: 10.0.1.1#53(10.0.1.1)
    ;; WHEN: Thu Jan 17 19:46:44 2008
    ;; MSG SIZE rcvd: 47

    Looks interesting ! Could you tell me how to fix me ?

    Thanks A LOT :)
     
  6. funkix

    funkix New Member

    I found this post, I removed the hostname in the MX DNS record in ispconfig and now the dig mx command returns the MX record in the answer question, at least on the server (I'm waiting for the DNS replication to check elsewhere).

    This was not trivial !

    But do you think that this mistake had an impact on the non-receiving of spams (and perhaps non-spam mails) ?
     
  7. unclecameron

    unclecameron New Member

    Most of the time a legitimate e-mail server will attempt a resend for 1 day, maybe 2, so you should get them after a while when they re-attempt.
     
  8. funkix

    funkix New Member

    Yeah I'm receiving tons of spam again, not sure if it's a great thing but thanks anyway.

    In fact you don't receive spams if your domain MX is not configured because of this :

    Found here on wikipedia :
    When an MX-lookup fails, RFC rules call for fallback to the domain's A record. For situations where a domain's A record and MX record both point to the same machine or IP address, it is usually the case that the MX record can safely be deleted. This usually results in no missing valid or "legit" e-mail, but a drop in spam should be noted. The reason being is that because of the theories that SMTP engines running on compromised hosts do not fully implement all SMTP error-handling routines, and this lack of complete rule-following can be used against them (grey-listing being another example of an anti-spam technique).
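
The fallback described in the quoted passage, as an added example that is not part of the original thread: it parses `dig mx` output and reports what a standards-following sender does next under RFC 5321 section 5.1. The function names `parse_dig_mx` and `delivery_plan` are hypothetical, the header lines of the first sample are constructed around the SOA line posted in the thread, and the null-MX case (RFC 7505) goes beyond what the thread covers.

```python
import re

# Constructed dig output reproducing the thread's symptom: NOERROR, no ANSWER
# section, only the zone's SOA in AUTHORITY (the header lines are constructed).
DIG_NO_MX = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; AUTHORITY SECTION:
mydomain.com. 86400 IN SOA myserver.ovh.net. contact.mydomain.com. 2007122301 28800 7200 604800 86400
"""
# The working lookup quoted in the thread (trimmed).
DIG_WITH_MX = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38217
;; ANSWER SECTION:
voila.fr. 1986 IN MX 10 smtp.voila.fr.
"""

MX_RR = re.compile(r"^\S+\s+\d+\s+IN\s+MX\s+(\d+)\s+(\S+)$")

def parse_dig_mx(text):
    """Return (status, [(preference, host), ...]) from `dig mx` output."""
    m = re.search(r"status:\s*([A-Z]+)", text)
    status = m.group(1) if m else "UNKNOWN"
    mx, section = [], None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith(";;") and line.endswith("SECTION:"):
            section = line[2:].split()[0]        # ANSWER, AUTHORITY, ...
        elif section == "ANSWER" and (rr := MX_RR.match(line)):
            mx.append((int(rr.group(1)), rr.group(2).rstrip(".").lower()))
    return status, sorted(mx)                    # lowest preference first

def delivery_plan(domain, dig_text):
    """What a standards-following sender does next (RFC 5321 section 5.1)."""
    status, mx = parse_dig_mx(dig_text)
    if status == "NXDOMAIN":
        return ("bounce", [])                    # domain does not exist
    if status != "NOERROR":
        return ("defer", [])                     # SERVFAIL etc.: queue and retry
    if not mx:
        return ("implicit-mx", [domain])         # fall back to the A/AAAA record
    if mx == [(0, "")]:
        return ("no-mail", [])                   # null MX "0 ." (RFC 7505)
    return ("mx", [host for _, host in mx])
```

An `implicit-mx` result for a domain that is meant to publish MX records is the misconfiguration seen in this thread: senders that implement the fallback still deliver, while those that do not never reach the server.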
     
