redirect to mailbox if listed in spamhaus

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

redirect to mailbox if listed in spamhaus

Ramprasad-5
I use in smtpd_recipient restrictions
reject_rbl_client zen.spamhaus.org

To reject mails from spamhaus listed IP's. If I want to accept mails and
relay to an admin email-id , is that possible.

Or should I simply accept all mails and move spamhaus checks to
SpamAssassin and write rules over there




Reply | Threaded
Open this post in threaded view
|

Re: redirect to mailbox if listed in spamhaus

Sahil Tandon
On Aug 13, 2009, at 6:28 AM, ram <[hidden email]> wrote:

> I use in smtpd_recipient restrictions
> reject_rbl_client zen.spamhaus.org
>
> To reject mails from spamhaus listed IP's. If I want to accept mails  
> and
> relay to an admin email-id , is that possible.

Probably with a policy server and the REDIRECT action.
Reply | Threaded
Open this post in threaded view
|

Re: redirect to mailbox if listed in spamhaus

/dev/rob0
On Thursday 13 August 2009 06:17:37 Sahil Tandon wrote:
> On Aug 13, 2009, at 6:28 AM, ram <[hidden email]> wrote:
> > I use in smtpd_recipient restrictions
> > reject_rbl_client zen.spamhaus.org
> >
> > To reject mails from spamhaus listed IP's. If I want to accept
> > mails and relay to an admin email-id , is that possible.
>
> Probably with a policy server and the REDIRECT action.

Possible indeed. I'm trying to figure out why it would be wanted!
Staffed with 2 administrators for every 3 users, it might be feasible
for the admins to review all those that weren't rejected. What do you
expect to find in all that?

I (subjectively) think Zen rejects about 75% of all connections that
come to my server. Somehow, real email still seems to get through.
--
    Offlist mail to this address is discarded unless
    "/dev/rob0" or "not-spam" is in Subject: header
Reply | Threaded
Open this post in threaded view
|

Re: redirect to mailbox if listed in spamhaus

Melvyn Sopacua-7
On Thursday 13 August 2009 07:22:33 /dev/rob0 wrote:

> On Thursday 13 August 2009 06:17:37 Sahil Tandon wrote:
> > On Aug 13, 2009, at 6:28 AM, ram <[hidden email]> wrote:
> > > I use in smtpd_recipient restrictions
> > > reject_rbl_client zen.spamhaus.org
> > >
> > > To reject mails from spamhaus listed IP's. If I want to accept
> > > mails and relay to an admin email-id , is that possible.
> >
> > Probably with a policy server and the REDIRECT action.
>
> Possible indeed. I'm trying to figure out why it would be wanted!

- To evaluate the amount of false positives
- To collect and seed a Bayesian spam filter before deploying
--
Melvyn Sopacua
Reply | Threaded
Open this post in threaded view
|

Re: redirect to mailbox if listed in spamhaus

d.hill
Quoting Melvyn Sopacua <[hidden email]>:

> On Thursday 13 August 2009 07:22:33 /dev/rob0 wrote:
>> On Thursday 13 August 2009 06:17:37 Sahil Tandon wrote:
>> > On Aug 13, 2009, at 6:28 AM, ram <[hidden email]> wrote:
>> > > I use in smtpd_recipient restrictions
>> > > reject_rbl_client zen.spamhaus.org
>> > >
>> > > To reject mails from spamhaus listed IP's. If I want to accept
>> > > mails and relay to an admin email-id , is that possible.
>> >
>> > Probably with a policy server and the REDIRECT action.
>>
>> Possible indeed. I'm trying to figure out why it would be wanted!
>
> - To evaluate the amount of false positives

I hope your mail flow is low. Here, it would be next to impossible.  
This is just the total rejects from yesterday:

[smtpgate ~]$ bzgrep 'zen.spamhaus.local' /var/log/maillog.0.bz2 | wc -l
  1514191

We've been using Spamhaus now for over three years subscribing to the  
datafeed service and have had less than five complaints. Those five  
were actually listed on cbl.abuseat.org (which is a part of  
zen.spamhaus.org).

> - To collect and seed a Bayesian spam filter before deploying


Reply | Threaded
Open this post in threaded view
|

Re: redirect to mailbox if listed in spamhaus

mouss-4
In reply to this post by Melvyn Sopacua-7
Melvyn Sopacua a écrit :

> On Thursday 13 August 2009 07:22:33 /dev/rob0 wrote:
>> On Thursday 13 August 2009 06:17:37 Sahil Tandon wrote:
>>> On Aug 13, 2009, at 6:28 AM, ram <[hidden email]> wrote:
>>>> I use in smtpd_recipient restrictions
>>>> reject_rbl_client zen.spamhaus.org
>>>>
>>>> To reject mails from spamhaus listed IP's. If I want to accept
>>>> mails and relay to an admin email-id , is that possible.
>>> Probably with a policy server and the REDIRECT action.
>> Possible indeed. I'm trying to figure out why it would be wanted!
>
> - To evaluate the amount of false positives

As said before, this is a full time job for many people.
Besides, it is not always possible to determine whether a message is
spam or not, unless you are the recipient.

> - To collect and seed a Bayesian spam filter before deploying

you'll end up polluting your bayes db... there is a difference between:

- we don't want any mail from this IP
- all mail sent via this IP is spam

for example, the PBL blocks mail from "residential" systems (which helps
blocking a lot of botnet junk). but this doesn't mean all mail from pbl
listed IPs is spam.

Same goes for XBL. an IP that is infected can still send "legitimate"
mail. it is blocked waiting for the problem to be fixed, not because
"all their flow is spam".