outbound mails through efa marked as spam by efa

General eFa discussion
Post Reply
Qlink
Posts: 14
Joined: 25 Dec 2016 23:43

outbound mails through efa marked as spam by efa

Post by Qlink »

hi guys,

today i've changed my outbound mail from my exchange server also going through efa.

client -> exchange -> efa -> receiver

strange thing is efa recognizes most of the outbound mails (not all) as spam with following SA rules:

Score Matching Rule Description
0.00 HTML_MESSAGE HTML included in message
1.64 RCVD_IN_BRBL_LASTEXT
3.56 RCVD_IN_PBL Received via a relay in Spamhaus PBL
1.67 RCVD_IN_SORBS_WEB SORBS: sender is an abusable web server
0.72 RCVD_IN_XBL Received via a relay in Spamhaus XBL
1.27 RDNS_NONE Delivered to internal network by a host with no rDNS

this does not make sense to me.

my mailserver/efa is not blacklisted, i have doublechecked @mxtoolbox and @www.anti-abuse.org

so why SA thinks my mailserver is an abusable web server and listed in Spamhaus PBL ???
i also dont understand why efa thinks there is no rDNS entry from my exchange... how can i check which DNS server efa is using ?
i've enabled dns recursion, so i can't manually add DNS servers in config menu ...

i hope you guys can help me

thanks in advance
ovizii
Posts: 463
Joined: 11 May 2016 08:08

Re: outbound mails through efa marked as spam by efa

Post by ovizii »

does it see your EX or your clients with their internal or external IPs?
Can you open one of these in Mailwatch and show us what the "Received Via" part looks like?
Qlink
Posts: 14
Joined: 25 Dec 2016 23:43

Re: outbound mails through efa marked as spam by efa

Post by Qlink »

no, seems like efa can't see them ...
my problem is i don't know how i can check which dns efa is using and how i can make my exchange seeable for efa.

i'm a windows guy and have little to none linux knowledge ...

my clients are spread on different locations and are communicating via outlook anywhere with my exchange, so they are using dynamic IP adresses from their home internet connection to send the mails through my exchange/efa ...
received.PNG
received.PNG (15.57 KiB) Viewed 5012 times
ovizii
Posts: 463
Joined: 11 May 2016 08:08

Re: outbound mails through efa marked as spam by efa

Post by ovizii »

Not sure this is 100% the correct solution but I have struggled finding a better one. I decided to "solve" this problem by telling EFA that all emails coming from my EX are not to be scanned for SPAM.

If this is OK for you then make sure that /etc/MailScanner/MailScanner.conf reads:

Code: Select all

Scan Messages = %rules-dir%/scan.messages.rules
and that file in my case says to not scan anything EFa is sending and only scan my EX for viruses while fully scanning anything else.

/etc/MailScanner/rules/scan.messages.rules

Code: Select all

From:           127.0.0.1	no
From:           192.168.200.3   virus
FomOrTo:        default         yes
Qlink
Posts: 14
Joined: 25 Dec 2016 23:43

Re: outbound mails through efa marked as spam by efa

Post by Qlink »

thanks for this workaround, but i'm more interested in solving the problem at its source.

how does it come efa thinks my mailserver is an abusable web server ? where does this information come from ?
how does it come efa thinks my mailserver is listed in Spamhaus PBL ? where does this information come from ?
how can i check/solve the rDNS problem with DNS recursion enabled (can't add DNS Server in config) ?

if efa sees my mailserver like this, all other mailservers maybe also see it like this ...


i hope someone can give me some tips how to find answers to my questions.


best greetz
ovizii
Posts: 463
Joined: 11 May 2016 08:08

Re: outbound mails through efa marked as spam by efa

Post by ovizii »

Sorry I can't help you more but you might want to read up on these terms, it might offer some more insights: SA trusted_networks, SA TrustPath, SA Trusted Relays
Post Reply