RBL check question

General E.F.A. discussion
Post Reply
glocke
Posts: 3
Joined: 20 Nov 2017 10:37

RBL check question

Post by glocke » 07 Dec 2017 10:32

Hey there,

I have a question about the RBL checking. Our incoming mails are forwarded by an external mailserver to efa server and then being forwarded to our exchange server. In this constellation the sender is always the external mailserver of course. If I understand this correctly, only the last sender address is checked against the RBL. We haven't had a mail blocked by RBL since we set up efa so I think this is why the function doesn't work. My question is now how we could get this working in that constellation (RBL check first sender IP / X-ME-IP).

Thank you for your help!

User avatar
BOOZy
Posts: 9
Joined: 04 Oct 2017 13:17

Re: RBL check question

Post by BOOZy » 07 Dec 2017 10:37

Your only option is to cut out the relay server and make EFA the first server that receives email.
This is kind of how mail filtering appliances work in general.

glocke
Posts: 3
Joined: 20 Nov 2017 10:37

Re: RBL check question

Post by glocke » 07 Dec 2017 10:44

That doesn't sound good. Due to legislation and agreements, we have to use the relay server of the external service provider, which does not seem to use a good spamfilter. Is there really no other way to achieve a good filtering? :cry:

User avatar
BOOZy
Posts: 9
Joined: 04 Oct 2017 13:17

Re: RBL check question

Post by BOOZy » 07 Dec 2017 13:39

A developer with too much time on their hands could add an option to specify an incoming relay server, thus making the system aware of the need to process the second to last hop instead of the last.
Other than that you're SOL.

User avatar
pdwalker
Posts: 875
Joined: 18 Mar 2015 09:16

Re: RBL check question

Post by pdwalker » 08 Dec 2017 07:35

No, he's not. Let me find the link on how to solve this problem.

[Edit] Look here: Will this solve your problem?
viewtopic.php?f=5&t=2814&p=11155&hilit= ... abs#p11155

[Edit 2]
This fix is for the spamassassin RBL checks, not for postfix RBL checks. Which RBL checks are you referring to specifically?

glocke
Posts: 3
Joined: 20 Nov 2017 10:37

Re: RBL check question

Post by glocke » 08 Dec 2017 08:24

Thanks for the links. Which RBL checks to be used is unimportant for me. It's only important that we reach the goal and stop the spam :)
I will try to configure the SpamAssassin as described in the wiki. Is there a log or anything where we could see if the mail is being checked by SpamAssassin?
I'm not very familiar with SpamAssassin and other mail software on linux :cry: still learning.

Thank you very much!

User avatar
pdwalker
Posts: 875
Joined: 18 Mar 2015 09:16

Re: RBL check question

Post by pdwalker » 11 Dec 2017 04:07

logs? Normally, no. You'll just see the results in the spam report, like so:
Screen Shot 2017-12-11 at 12.00.png
Screen Shot 2017-12-11 at 12.00.png (145.23 KiB) Viewed 12 times
Notice the "dnsbl.abyan.es" which is one of my rbl checks

If you want to see the actual results of the check, you'll have to run spamassassin in debug mode. For the above message, I ran this command to get the debug log:

Code: Select all

spamassassin -D -t < /var/spool/MailScanner/quarantine/20171211/spam/58C82180714.A383B 2>&1 |vim -
Search for "DNSBL" or "rbl", or just browse through the entire verbost log to see what is happening.

Post Reply