[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1130
  • Last Modified:

Qmail Spam Block

I want to block this type of emails on the server as you should see spf filter is working but not blocking also i want a reverse check.

how should i enable this on qmail server


Oct 24 09:38:41 lin qmail-queue-handlers[17126]: Handlers Filter before-queue for qmail started ...
Oct 24 09:38:42 lin qmail-queue-handlers[17126]: from=carobremediable@wikipedia.org
Oct 24 09:38:42 lin qmail-queue-handlers[17126]: to=zzzz@xxxx.com
Oct 24 09:38:42 lin qmail-queue-handlers[17126]: hook_dir = '/usr/local/psa/handlers/before-queue'
Oct 24 09:38:42 lin qmail-queue-handlers[17126]: call_handlers: call executable = '/usr/local/psa/handlers/info/10-spf-xLNqDO/executable'
Oct 24 09:38:42 lin spf filter[17127]: Starting spf filter...
Oct 24 09:38:42 lin spf filter[17127]: Error code: (2) Could not find a valid SPF record
Oct 24 09:38:42 lin spf filter[17127]: Failed to query MAIL-FROM: No DNS data for 'wikipedia.org'.
Oct 24 09:38:42 lin spf filter[17127]: SPF result: none
Oct 24 09:38:42 lin spf filter[17127]: SPF status: PASS
Oct 24 09:38:42 lin qmail-queue-handlers[17126]: handlers_stderr: PASS
Oct 24 09:38:42 lin qmail-queue-handlers[17126]: call_handlers: PASS during call '/usr/local/psa/handlers/info/10-spf-xLNqDO/executable' handler
Oct 24 09:38:42 lin qmail-queue-handlers[17126]: recipient[3] = 'zzzz@xxxx.com'
Oct 24 09:38:42 lin qmail-queue-handlers[17126]: handlers dir = '/usr/local/psa/handlers/before-queue/recipient/zzz@xxxx.com'
Oct 24 09:38:42 lin qmail-queue-handlers[17126]: starter: submitter[17128] exited normally
Oct 24 09:38:42 lin qmail: 1319438322.589124 new msg 45712530
Oct 24 09:38:42 lin qmail: 1319438322.589156 info msg 45712530: bytes 5715 from <carobremediable@wikipedia.org> qp 17128 uid 2020
Oct 24 09:38:42 lin qmail: 1319438322.647127 starting delivery 16839: msg 45712530 to local 21-zzzz@xxxx.com
Oct 24 09:38:42 lin qmail: 1319438322.647191 status: local 1/10 remote 0/20

Open in new window

0
3XLcom
Asked:
3XLcom
  • 6
  • 4
1 Solution
 
PapertripCommented:
From the excerpt you posted, there are no problems.  There is no SPF record for wikipedia.org.

[root@broken ~]# dig wikipedia.org any

; <<>> DiG 9.7.0-P2-RedHat-9.7.0-5.P2.el6_0.1 <<>> wikipedia.org any
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30519
;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 3, ADDITIONAL: 0

;; QUESTION SECTION:
;wikipedia.org.         IN      ANY

;; ANSWER SECTION:
wikipedia.org.        86363     IN  SOA ns0.wikimedia.org. hostmaster.wikimedia.org. 2011093021 43200 7200 1209600 3600
wikipedia.org.        3563      IN  A   208.80.152.201
wikipedia.org.        3563      IN  MX  10 mchenry.wikimedia.org.
wikipedia.org.        3563      IN  MX  50 lists.wikimedia.org.
wikipedia.org.        86363     IN  NS  ns2.wikimedia.org.
wikipedia.org.        86363     IN  NS  ns0.wikimedia.org.
wikipedia.org.        86363     IN  NS  ns1.wikimedia.org.

;; AUTHORITY SECTION:
wikipedia.org.        86363     IN  NS  ns1.wikimedia.org.
wikipedia.org.        86363     IN  NS  ns0.wikimedia.org.
wikipedia.org.        86363     IN  NS  ns2.wikimedia.org.

Open in new window



0
 
PapertripCommented:
For reverse DNS checks, if you are using tcpserver you can set the paranoid option.

-p: Paranoid. After looking up the remote host name in DNS, look up the IP addresses in DNS for that host name, and remove the environment variable $TCPREMOTEHOST if none of the addresses match the client's IP address.
http://cr.yp.to/ucspi-tcp/tcpserver.html

Examples and more info can be found at http://www.chrishardie.com/qmail-anti-spam-howto/#sysoption1
0
 
3XLcomAuthor Commented:
Wikipedia is not in my host it is the spammer address
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
PapertripCommented:
Yes, I realize that.  Is there something about my answer you don't understand?
0
 
3XLcomAuthor Commented:
Is there any spesific solution for directly make qmail to check reverse dns and spf records before accepting mails ?
0
 
PapertripCommented:
I commented on how to configure qmail to check reverse DNS.  It looks like your SPF filter is already setup.
0
 
3XLcomAuthor Commented:
But the problem is i have no idea about what is tcp server i have plesk and qmail on this server and i checked for ps aux i did not see any thing like it
0
 
PapertripCommented:
I'm not very familiar with Plesk, but here are a couple links to disable reverse lookups.

http://www.keithdmitchell.com/2010/03/09/how-to-disable-reverse-lookups-with-qmail-in-plesk/
http://forums.theplanet.com/lofiversion/index.php/t3271.html

I know that isn't what you want to do, but it at least shows the path to the file that has those options for Qmail+Plesk.

Are you sure qmail is not already doing reverse DNS checks?
Perhaps your server_args has a '-R' in it?
0
 
PapertripCommented:
Hi, is this still an issue?
0
 
3XLcomAuthor Commented:
thnx
0

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

  • 6
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now