You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Chris <Ch...@011005.com> on 2007/08/20 16:09:06 UTC
Bouncing emails from certain countries
Does anyone know of a way, that whenever someone emails
from say, for example, Nigeria, Korea, Russia and
China, the email gets returned to them, saying
something like, "Email failed, no such email address"
please ?
Any help appreciated.
Chris.
Re: Bouncing emails from certain countries
Posted by Kai Schaetzl <ma...@conactive.com>.
Chris wrote on Mon, 20 Aug 2007 19:27:12 +0200:
> Not sure what happened there, and don't intentionally
> upset anyone, but I sent both the emails to
> users@spamassassin.apache.org ?
You didn't upset me, you simply hit reply instead of posting a new message
when you thought you started a new thread. You actually continued an
existing thread with a different topic and subject. This looks annoying in
a mail client that threads correctly. I already asked several people
off-list to stop this, but since these messages keep coming I thought I
better ask in public this time.
If you want to send a question to the list, do not hit "Reply" and change
the subject, this does *not* create a new message. Hit "New message" if
you want to send a question. Thanks.
Kai
--
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com
RE: Bouncing emails from certain countries
Posted by Chris <Ch...@011005.com>.
Not sure what happened there, and don't intentionally
upset anyone, but I sent both the emails to
users@spamassassin.apache.org ? (Like I've done this
time).
Chris.
>-----Original Message-----
>From: Kai Schaetzl [mailto:maillists@conactive.com]
>Sent: Monday, August 20, 2007 7:20 PM
>To: users@spamassassin.apache.org
>Subject: Re: Bouncing emails from certain countries
>
>*Please*, if you want to post a new message, then hit
"new
>message" and
>not "Reply", thanks.
>
>Kai
>
>--
>Kai Schätzl, Berlin, Germany
>Get your web at Conactive Internet Services:
http://www.conactive.com
>
>
>
Re: Bouncing emails from certain countries
Posted by Kai Schaetzl <ma...@conactive.com>.
*Please*, if you want to post a new message, then hit "new message" and
not "Reply", thanks.
Kai
--
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com
Re: Bouncing emails from certain countries
Posted by jidanni <ji...@jidanni.org>.
http://joi.ito.com/archives/2007/08/02/my_email_not_good_enough_for_you.html
...it's because the email is from an Asian ...
.. get my IP address added to some white-list ...
The comment I wanted to add is:
That's right, tell them to put me on the
white-(person-yes-just-like-them,-but-living-in-gasp--asia)-list, so let
my mail through.
However my browser can't handle the high class captcha on the blog, so
I couldn't reply there.
--
View this message in context: http://www.nabble.com/PDFInfo-version-0.8--tf4299030.html#a12360443
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
RE: Bouncing emails from certain countries
Posted by Chris <Ch...@011005.com>.
>-----Original Message-----
>From: Dave Pooser [mailto:dave@pooserville.com]
>Sent: Monday, August 20, 2007 5:08 PM
>To: users@spamassassin.apache.org
>Subject: Re: Bouncing emails from certain countries
>
>> Does anyone know of a way, that whenever someone
emails
>> from say, for example, Nigeria, Korea, Russia and
>> China, the email gets returned to them, saying
>> something like, "Email failed, no such email
address"
>> please ?
>
>You can use the DNS blacklists at blackholes.us to
block based
>on sender
>countries.
>--
>Dave Pooser
>Cat-Herder-in-Chief, Pooserville.com
>"The greatest dangers to liberty lurk in insidious
encroachment
>by men of zeal, well-meaning but without
understanding."
> -- Justice Louis Brandeis
Ah, cancel the last - the websites now up and running.
How do I configure SA using blackholes.us please ?
Any help appreciated.
Chris.
RE: Bouncing emails from certain countries
Posted by Chris <Ch...@011005.com>.
>-----Original Message-----
>From: Dave Pooser [mailto:dave@pooserville.com]
>Sent: Monday, August 20, 2007 5:08 PM
>To: users@spamassassin.apache.org
>Subject: Re: Bouncing emails from certain countries
>
>> Does anyone know of a way, that whenever someone
emails
>> from say, for example, Nigeria, Korea, Russia and
>> China, the email gets returned to them, saying
>> something like, "Email failed, no such email
address"
>> please ?
>
>You can use the DNS blacklists at blackholes.us to
block based
>on sender
>countries. Lying about why the message was rejected is
going
>to be something
>you have to do in your MTA, and I'd consider it an
extremely bad idea
>because it's going to make troubleshooting difficult.
>--
>Dave Pooser
>Cat-Herder-in-Chief, Pooserville.com
>"The greatest dangers to liberty lurk in insidious
encroachment
>by men of zeal, well-meaning but without
understanding."
> -- Justice Louis Brandeis
Many thanks Dave - it's appreciated.
Perhaps I won't do the message.
I'm getting a 404 on the site below - is that the right
address please ?
http://www.blackholes.us
Chris.
Re: Bouncing emails from certain countries
Posted by Dave Pooser <da...@pooserville.com>.
> Does anyone know of a way, that whenever someone emails
> from say, for example, Nigeria, Korea, Russia and
> China, the email gets returned to them, saying
> something like, "Email failed, no such email address"
> please ?
You can use the DNS blacklists at blackholes.us to block based on sender
countries. Lying about why the message was rejected is going to be something
you have to do in your MTA, and I'd consider it an extremely bad idea
because it's going to make troubleshooting difficult.
--
Dave Pooser
Cat-Herder-in-Chief, Pooserville.com
"The greatest dangers to liberty lurk in insidious encroachment
by men of zeal, well-meaning but without understanding."
-- Justice Louis Brandeis
Re: Bouncing emails from certain countries
Posted by Andy Sutton <ne...@pessimists.net>.
On Mon, 2007-08-20 at 10:13 -0700, John D. Hardin wrote:
> That's kind of an extreme solution, and generally considered bad
> practice.
Yup - Be prepared for false positive hits if you use this method. I
rented a server that just happened to be on a netblock in Germany. US
websites/email though. When you rent a server, there is no telling
where the physical box will reside unless it is part of the contract.
--
- Andy
The test of courage comes when we are in the minority. The test of
tolerance comes when we are in the majority.
- Ralph W. Sockman
Re: Bouncing emails from certain countries
Posted by "John D. Hardin" <jh...@impsec.org>.
On Mon, 27 Aug 2007, Derek Harding wrote:
> On Sun, 2007-08-26 at 12:37 -0700, John D. Hardin wrote:
> > On Sat, 25 Aug 2007 jidanni@jidanni.org wrote:
> >
> > > And no wonder you don't seem to get many new customers from
> > > elsewhere anyway, I bet. They can't get a word in edgewise. But
> > > never mind. You won't see this message either.
> >
> > Whoa. Is anybody else getting a sense of Deja Vu here?
>
> As the author of the URICountry module I would recommend only using
> country-based rules for scoring or possibly blocking for an
> individual/vanity site.
No, I meant I though I'd seen that particular post a few days earlier,
and was wondering whether anybody else was also seeing old messages
coming through again. Sorry for being humorous rather than clear... :)
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Vista is at best mildly annoying and at worst makes you want to
rush to Redmond, Wash. and rip somebody's liver out. -- Forbes
-----------------------------------------------------------------------
Tomorrow: Exercise Your Rights day
Re: Bouncing emails from certain countries
Posted by Derek Harding <de...@innovyx.com>.
On Sun, 2007-08-26 at 12:37 -0700, John D. Hardin wrote:
> On Sat, 25 Aug 2007 jidanni@jidanni.org wrote:
>
> > And no wonder you don't seem to get many new customers from
> > elsewhere anyway, I bet. They can't get a word in edgewise. But
> > never mind. You won't see this message either.
>
> Whoa. Is anybody else getting a sense of Deja Vu here?
As the author of the URICountry module I would recommend only using
country-based rules for scoring or possibly blocking for an
individual/vanity site.
I have found that scoring URIs and senders from certain countries can
assist in identification of some spam however it's something that will
need to be per-user or small-organization only since there is plenty of
scope for false positives.
Derek
Re: Bouncing emails from certain countries
Posted by "John D. Hardin" <jh...@impsec.org>.
On Sat, 25 Aug 2007 jidanni@jidanni.org wrote:
> And no wonder you don't seem to get many new customers from
> elsewhere anyway, I bet. They can't get a word in edgewise. But
> never mind. You won't see this message either.
Whoa. Is anybody else getting a sense of Deja Vu here?
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
USMC Rules of Gunfighting #20: The faster you finish the fight,
the less shot you will get.
-----------------------------------------------------------------------
2 days until Exercise Your Rights day
Re: Bouncing emails from certain countries
Posted by ji...@jidanni.org.
DA> I used IP::Country::Fast to block everything except canada and usa...
DA> I've only had to add one company to an allow list because they are in Italy...
DA> I don't think its that bad of a solution,
DA> depending on where your companies customers are located..
And no wonder you don't seem to get many new customers from elsewhere
anyway, I bet. They can't get a word in edgewise. But never mind. You
won't see this message either.
Re: Bouncing emails from certain countries
Posted by ji...@jidanni.org.
DA> I used IP::Country::Fast to block everything except canada and usa...
DA> I've only had to add one company to an allow list because they are in Italy...
DA> I don't think its that bad of a solution,
DA> depending on where your companies customers are located..
And no wonder you don't seem to get many new customers from elsewhere
anyway, I bet. They can't get a word in edgewise. But never mind. You
won't see this message either.
RE: Bouncing emails from certain countries
Posted by Skip Brott <sb...@dmp.com>.
This would work fine if you expect emails only from those countries. Our
company does business in Central & South America as well (which also means
allowing lots of Spanish & Portuguese). We do not do business in Europe or
Asia and I see quite a bit of spam from from *.ru and *.su. I do not have a
country-based solution in place as the vast majority are caught in other
rules.
- Skip
> I used IP::Country::Fast to block everything except canada and usa...
>
> I've only had to add one company to an allow list because
> they are in Italy...
>
> I don't think its that bad of a solution,
> depending on where your companies customers are located..
Re: Bouncing emails from certain countries
Posted by Daniel Aquino <mr...@gmail.com>.
I used IP::Country::Fast to block everything except canada and usa...
I've only had to add one company to an allow list because they are in Italy...
I don't think its that bad of a solution,
depending on where your companies customers are located..
On 8/21/07, Skip Brott <sb...@dmp.com> wrote:
> Out of curiosity (as this is a feature that I would like to have as well for
> a couple of speficic countries), is there a reason that a couple of SA
> plugins cant be used:
>
> http://wiki.apache.org/spamassassin/URICountryPlugin
> Or
> http://wiki.apache.org/spamassassin/RelayCountryPlugin
>
> I am not certain which of these would be the correct one to implement.
>
> - Skip
>
>
Fwd: Bouncing emails from certain countries
Posted by Daniel Aquino <mr...@gmail.com>.
---------- Forwarded message ----------
From: Daniel Aquino <mr...@gmail.com>
Date: Aug 21, 2007 9:51 PM
Subject: Re: Bouncing emails from certain countries
To: "John D. Hardin" <jh...@impsec.org>
I used IP::Country::Fast to block everything except canada and usa...
I've only had to add one company to an allow list because they are in Italy...
I don't think its that bad of a solution,
depending on where your companies customers are located..
Re: Bouncing emails from certain countries
Posted by John Scully <js...@isipi.com>.
I use IP::Country::Fast to add an additional score based on originating
country, and am about to allow my end-users to select allowed countries.
i.e. the user pulls up the screen for spam settings and selects "block all
non-US servers" "unblock all non-US servers" or selects specific countries
to block/unblock.
I know that most residential users receive zero legitimate mail from
overseas, or at most need to allow one or two countries. I am a firm
believer in putting the final say int he hands of the user, because no one
solution fits everyone.
John P. Scully
President/CTO
iSupportISP LLC
33 North high st
Suite 1000
Columbus, OH 43215
614-586-4040
614-226-6110 Mobile
614-586-4044 Fax
jscully@isupportisp.com
----- Original Message -----
From: "Daniel Aquino" <mr...@gmail.com>
To: <us...@spamassassin.apache.org>
Sent: Tuesday, August 21, 2007 9:52 PM
Subject: Re: Bouncing emails from certain countries
>
> I used IP::Country::Fast to block everything except canada and usa...
>
> I've only had to add one company to an allow list because they are in
Italy...
>
> I don't think its that bad of a solution,
> depending on where your companies customers are located..
>
>
> On 8/21/07, Skip Brott <sb...@dmp.com> wrote:
> > Out of curiosity (as this is a feature that I would like to have as well
for
> > a couple of speficic countries), is there a reason that a couple of SA
> > plugins cant be used:
> >
> > http://wiki.apache.org/spamassassin/URICountryPlugin
> > Or
> > http://wiki.apache.org/spamassassin/RelayCountryPlugin
> >
> > I am not certain which of these would be the correct one to implement.
> >
> > - Skip
> >
> >
>
>
RE: Bouncing emails from certain countries
Posted by "John D. Hardin" <jh...@impsec.org>.
On Tue, 21 Aug 2007, Skip Brott wrote:
> Out of curiosity (as this is a feature that I would like to have
> as well for a couple of speficic countries), is there a reason
> that a couple of SA plugins cant be used:
>
> http://wiki.apache.org/spamassassin/URICountryPlugin
> Or
> http://wiki.apache.org/spamassassin/RelayCountryPlugin
>
> I am not certain which of these would be the correct one to implement.
Those are probably the "correct" approach these days; I just haven't
stirred my stumps to change the geo RBLs that I've had in there
forever.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
...much of our country's counterterrorism security spending is not
designed to protect us from the terrorists, but instead to protect
our public officials from criticism when another attack occurs.
-- Bruce Schneier
-----------------------------------------------------------------------
4 days until The 1928th anniversary of the destruction of Pompeii
RE: Bouncing emails from certain countries
Posted by Skip Brott <sb...@dmp.com>.
Out of curiosity (as this is a feature that I would like to have as well for
a couple of speficic countries), is there a reason that a couple of SA
plugins cant be used:
http://wiki.apache.org/spamassassin/URICountryPlugin
Or
http://wiki.apache.org/spamassassin/RelayCountryPlugin
I am not certain which of these would be the correct one to implement.
- Skip
RE: Bouncing emails from certain countries
Posted by "John D. Hardin" <jh...@impsec.org>.
On Tue, 21 Aug 2007, Chris wrote:
> Hi John, How do I find that file please ? I look at my
> SA in Cpanel and can't see where to input the text
> below?
>
> describe BL_COUNTRY_CN_1 Mail client in China
> header BL_COUNTRY_CN_1 eval:check_rbl('china',
> 'cn.countries.nerd.dk')
> score BL_COUNTRY_CN_1 0.5
> tflags BL_COUNTRY_CN_1 net
>
> Any help appreciated.
I'm not familiar with CPanel, but if the server is hosted and you
don't have root access, you are probably out of luck.
I'm only really familiar with site-wide configs; perhaps someone else
on the list can provide suggestions for a CPanel-controlled user
customized configuration. Unfortunately, I don't think the per-user
capabilities of SA include adding new private rules.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
...much of our country's counterterrorism security spending is not
designed to protect us from the terrorists, but instead to protect
our public officials from criticism when another attack occurs.
-- Bruce Schneier
-----------------------------------------------------------------------
4 days until The 1928th anniversary of the destruction of Pompeii
RE: Bouncing emails from certain countries
Posted by Chris <Ch...@011005.com>.
>-----Original Message-----
>From: John D. Hardin [mailto:jhardin@impsec.org]
>Sent: Tuesday, August 21, 2007 3:24 PM
>To: Chris
>Cc: users@spamassassin.apache.org
>Subject: RE: Bouncing emails from certain countries
>
>On Tue, 21 Aug 2007, Chris wrote:
>
>> Hi John, Many thanks for the input on this - it's
>> appreciated.
>>
>> John, whereabouts *precisely* do I input the text
below
>> please and is that all that needs to be done ?
>>
>> >describe BL_COUNTRY_CN_1 Mail client in China
>> >header BL_COUNTRY_CN_1 eval:check_rbl('china',
>'cn.countries.nerd.dk')
>> >score BL_COUNTRY_CN_1 0.5
>> >tflags BL_COUNTRY_CN_1 net
>>
>> My scenario is that my website is on shared hosting
>> servers, I don't have access to the root, but I do
have
>> access to Spamassasin.
>
>They are just more rules, nothing special about them.
They goes into
>your global SA local configuration file, typically
>/etc/mail/spamassassin/local.cf or something similar.
>
>--
> John Hardin KA7OHZ
http://www.impsec.org/~jhardin/
> jhardin@impsec.org FALaholic #11174 pgpk -a
jhardin@impsec.org
> key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76
D822 E6E6 B873 2E79
>------------------------------------------------------
-----------------
Hi John, How do I find that file please ? I look at my
SA in Cpanel and can't see where to input the text
below?
describe BL_COUNTRY_CN_1 Mail client in China
header BL_COUNTRY_CN_1 eval:check_rbl('china',
'cn.countries.nerd.dk')
score BL_COUNTRY_CN_1 0.5
tflags BL_COUNTRY_CN_1 net
Any help appreciated.
Chris
RE: Bouncing emails from certain countries
Posted by "John D. Hardin" <jh...@impsec.org>.
On Tue, 21 Aug 2007, Chris wrote:
> Hi John, Many thanks for the input on this - it's
> appreciated.
>
> John, whereabouts *precisely* do I input the text below
> please and is that all that needs to be done ?
>
> >describe BL_COUNTRY_CN_1 Mail client in China
> >header BL_COUNTRY_CN_1 eval:check_rbl('china', 'cn.countries.nerd.dk')
> >score BL_COUNTRY_CN_1 0.5
> >tflags BL_COUNTRY_CN_1 net
>
> My scenario is that my website is on shared hosting
> servers, I don't have access to the root, but I do have
> access to Spamassasin.
They are just more rules, nothing special about them. They goes into
your global SA local configuration file, typically
/etc/mail/spamassassin/local.cf or something similar.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
So Microsoft's invented the ASCII equivalent to ugly ink spots that
appear on your letter when your pen is malfunctioning.
-- Greg Andrews, about Microsoft's way to encode apostrophes
-----------------------------------------------------------------------
4 days until The 1928th anniversary of the destruction of Pompeii
RE: Bouncing emails from certain countries
Posted by Chris <Ch...@011005.com>.
>-----Original Message-----
>From: John D. Hardin [mailto:jhardin@impsec.org]
>Sent: Monday, August 20, 2007 7:14 PM
>To: Chris
>Cc: users@spamassassin.apache.org
>Subject: Re: Bouncing emails from certain countries
>
>On Mon, 20 Aug 2007, Chris wrote:
>
>> Does anyone know of a way, that whenever someone
emails
>> from say, for example, Nigeria, Korea, Russia and
>> China, the email gets returned to them, saying
>> something like, "Email failed, no such email
address"
>> please ?
>>
>> Any help appreciated.
>
>That's kind of an extreme solution, and generally
considered bad
>practice.
>
>That said, there are geographic RBLs, for example
countries.nerd.dk
>
>Here's what I do in SA:
>
>describe BL_COUNTRY_CN_1 Mail client in China
>header BL_COUNTRY_CN_1 eval:check_rbl('china',
>'cn.countries.nerd.dk')
>score BL_COUNTRY_CN_1 0.5
>tflags BL_COUNTRY_CN_1 net
>
>Substitute the ISO country code as needed.
>
>If you want a hard reject, just move the DNSBL check
into your MTA
>with whatever reject message you like (assuming your
MTA lets you
>customize that for DNSBLs).
>
>--
> John Hardin KA7OHZ
http://www.impsec.org/~jhardin/
> jhardin@impsec.org FALaholic #11174 pgpk -a
jhardin@impsec.org
> key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76
D822 E6E6 B873 2E79
>------------------------------------------------------
-----------------
> Men by their constitutions are naturally divided in
to two parties:
> 1. Those who fear and distrust the people and wish
to draw all
> powers from them into the hands of the higher
classes. 2. Those who
> identify themselves with the people, have confidence
in them,
> cherish and consider them as the most honest and
safe, although not
> the most wise, depository of the public interests.
> --
Thomas Jefferson
>------------------------------------------------------
-----------------
> 5 days until The 1928th anniversary of the
destruction of Pompeii
Hi John, Many thanks for the input on this - it's
appreciated.
John, whereabouts *precisely* do I input the text below
please and is that all that needs to be done ?
>describe BL_COUNTRY_CN_1 Mail client in China
>header BL_COUNTRY_CN_1 eval:check_rbl('china',
>'cn.countries.nerd.dk')
>score BL_COUNTRY_CN_1 0.5
>tflags BL_COUNTRY_CN_1 net
My scenario is that my website is on shared hosting
servers, I don't have access to the root, but I do have
access to Spamassasin.
Chris.
Re: Bouncing or just *deleting* emails from certain countries
Posted by Matt Kettler <mk...@verizon.net>.
Chris wrote:
>> On Mon, 20 Aug 2007, Chris wrote:
>>
>>
>>> Does anyone know of a way, that whenever someone
>>>
> emails
>
>>> from say, for example, Nigeria, Korea, Russia and
>>> China, the email either gets deleted by Spamassassin
>>>
> *or* returned to them, saying
>
>>> something like, "Email failed, no such email
>>>
> address" please ?
>
>>> Any help very much appreciated.
Generally speaking any delete, bounce or redirect action is something
completely beyond SA's power because it doesn't control the message
envelope. (although other tools with this power over the may take such
actions based on them).
However, your best bet is to implement a reject using a country-based
blacklist at your MTA layer. No spamassassin needed.
Don't bounce probable spam post-delivery. That just creates more
problems than it solves, as the return-path and from: headers will
generally point to some valid but innocent third-party (generally just
randomly grabbed from the same database of addresses that the spam is
being sent to).
Re: Bouncing or just *deleting* emails from certain countries
Posted by "John D. Hardin" <jh...@impsec.org>.
On Wed, 17 Oct 2007, Chris wrote:
> >> Does anyone know of a way, that whenever someone
> >> emails
> >> from say, for example, Nigeria, Korea, Russia and
> >> China, the email either gets deleted by Spamassassin
>
> >-----Original Message-----
> >From: John D. Hardin [mailto:jhardin@impsec.org]
> >Here's what I do in SA:
> >
> >describe BL_COUNTRY_CN_1 Mail client in China
> >header BL_COUNTRY_CN_1 eval:check_rbl('china',
> >'cn.countries.nerd.dk')
> >score BL_COUNTRY_CN_1 0.5
> >tflags BL_COUNTRY_CN_1 net
> >
> >Substitute the ISO country code as needed.
>
> Hi John, Many thanks for the input on this - it's very
> much appreciated.
>
> John, whereabouts *precisely* do I input the text below
> please and is that all that needs to be done ?
>
> >describe BL_COUNTRY_CN_1 Mail client in China
> >header BL_COUNTRY_CN_1 eval:check_rbl('china',
> >'cn.countries.nerd.dk')
> >score BL_COUNTRY_CN_1 0.5
> >tflags BL_COUNTRY_CN_1 net
>
> My scenario is that my website is on shared hosting
> servers, I don't have access to the root, but I do have
> access to Spamassasin.
Those are SpamAssassin rules, so they go in the local SpamAssassin
configuration file along with any other custom rules you have.
Typically that's some .cf file under /etc/mail/spamassassin. Don't
alter the default config files that ship with SA - they will live
someplace like /usr/share/spamassassin/
Running
spamassassin -D --lint
should tell you where the config files live.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
...the Fates notice those who buy chainsaws...
-- www.darwinawards.com
-----------------------------------------------------------------------
13 days until Halloween
Bouncing or just *deleting* emails from certain countries
Posted by Chris <Ch...@011005.com>.
>On Mon, 20 Aug 2007, Chris wrote:
>
>> Does anyone know of a way, that whenever someone
emails
>> from say, for example, Nigeria, Korea, Russia and
>> China, the email either gets deleted by Spamassassin
*or* returned to them, saying
>> something like, "Email failed, no such email
address" please ?
>>
>> Any help very much appreciated.
>>
>> Chris
>-----Original Message-----
>From: John D. Hardin [mailto:jhardin@impsec.org]
>Sent: Monday, August 20, 2007 7:14 PM
>To: Chris
>Cc: users@spamassassin.apache.org
>Subject: Re: Bouncing emails from certain countries
>
>Here's what I do in SA:
>
>describe BL_COUNTRY_CN_1 Mail client in China
>header BL_COUNTRY_CN_1 eval:check_rbl('china',
>'cn.countries.nerd.dk')
>score BL_COUNTRY_CN_1 0.5
>tflags BL_COUNTRY_CN_1 net
>
>Substitute the ISO country code as needed.
>
>If you want a hard reject, just move the DNSBL check
into your MTA
>with whatever reject message you like (assuming your
MTA lets you
>customize that for DNSBLs).
>
>--
> John Hardin KA7OHZ
http://www.impsec.org/~jhardin/
> jhardin@impsec.org FALaholic #11174 pgpk -a
jhardin@impsec.org
> key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76
D822 E6E6 B873 2E79
>------------------------------------------------------
Hi John, Many thanks for the input on this - it's very
much appreciated.
John, whereabouts *precisely* do I input the text below
please and is that all that needs to be done ?
>describe BL_COUNTRY_CN_1 Mail client in China
>header BL_COUNTRY_CN_1 eval:check_rbl('china',
>'cn.countries.nerd.dk')
>score BL_COUNTRY_CN_1 0.5
>tflags BL_COUNTRY_CN_1 net
My scenario is that my website is on shared hosting
servers, I don't have access to the root, but I do have
access to Spamassasin.
Chris.
Re: Bouncing emails from certain countries
Posted by "John D. Hardin" <jh...@impsec.org>.
On Mon, 20 Aug 2007, Chris wrote:
> Does anyone know of a way, that whenever someone emails
> from say, for example, Nigeria, Korea, Russia and
> China, the email gets returned to them, saying
> something like, "Email failed, no such email address"
> please ?
>
> Any help appreciated.
That's kind of an extreme solution, and generally considered bad
practice.
That said, there are geographic RBLs, for example countries.nerd.dk
Here's what I do in SA:
describe BL_COUNTRY_CN_1 Mail client in China
header BL_COUNTRY_CN_1 eval:check_rbl('china', 'cn.countries.nerd.dk')
score BL_COUNTRY_CN_1 0.5
tflags BL_COUNTRY_CN_1 net
Substitute the ISO country code as needed.
If you want a hard reject, just move the DNSBL check into your MTA
with whatever reject message you like (assuming your MTA lets you
customize that for DNSBLs).
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Men by their constitutions are naturally divided in to two parties:
1. Those who fear and distrust the people and wish to draw all
powers from them into the hands of the higher classes. 2. Those who
identify themselves with the people, have confidence in them,
cherish and consider them as the most honest and safe, although not
the most wise, depository of the public interests.
-- Thomas Jefferson
-----------------------------------------------------------------------
5 days until The 1928th anniversary of the destruction of Pompeii