You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by sacoo sacoo <es...@gmail.com> on 2007/08/21 17:49:51 UTC
Scanning mailer-daemon bounces generated by localhost
Hello,
It must been asked before, but I couldn't find any suitable, will be glad if
you point me somewhere...
In our company we have the (mailer-exchange -> spam-scanner -> customers
with their own mail servers) topology.
We relay mail to them but some of them don't have the spam service with us
and prefer to have it on their side, then we are all the time getting the
spam we forward rejected, our spam server generates a bounce (From:
MAILER-DAEMON@ourserver.domain (Mail Delivery System)).
This bounce keeps bouncing there until expires increasing the load of our
server.
We would like to know if there is any way to force the filtering the mails
from MAILER-DAEMON@ourserver.domain.
As far, the only guess i found was to modify the master.cf somehow from
this:
smtp inet n - - - - smtpd -o
content_filter=smtp:[127.0.0.1]:10024
localhost:10025 inet n - n - - smtpd -o
content_filter=
To something like this
smtp inet n - - - - smtpd -o
content_filter=smtp:[127.0.0.1]:10024
localhost:25 inet n - - - - smtpd -o
content_filter=smtp:[127.0.0.1]:10024
localhost:10025 inet n - - - - smtpd -o
content_filter=smtp:[127.0.0.1]:10024
Filtering the localhost generated mails.
But I donno if it's the right approach.
Any help appreciated
Cheers
Re: Scanning mailer-daemon bounces generated by localhost
Posted by Jari Fredriksson <ja...@iki.fi>.
> Hello,
>
> It must been asked before, but I couldn't find any
> suitable, will be glad if you point me somewhere...
> In our company we have the (mailer-exchange ->
> spam-scanner -> customers with their own mail servers)
> topology.
> We relay mail to them but some of them don't have the
> spam service with us and prefer to have it on their side,
> then we are all the time getting the spam we forward
> rejected, our spam server generates a bounce (From:
> MAILER-DAEMON@ourserver.domain (Mail Delivery System)).
> This bounce keeps bouncing there until expires increasing
> the load of our server.
> We would like to know if there is any way to force the
> filtering the mails from MAILER-DAEMON@ourserver.domain.
>
> As far, the only guess i found was to modify the
> master.cf somehow from this:
> smtp inet n - - - -
> smtpd -o content_filter=smtp:[ 127.0.0.1]:10024
> localhost:10025 inet n - n - -
> smtpd -o content_filter=
>
> To something like this
> smtp inet n - - - -
> smtpd -o content_filter=smtp:[ 127.0.0.1]:10024
> localhost:25 inet n - - - -
> smtpd -o content_filter=smtp:[127.0.0.1]:10024
> localhost:10025 inet n - - - -
> smtpd -o content_filter=smtp:[127.0.0.1]:10024
>
> Filtering the localhost generated mails.
> But I donno if it's the right approach.
>
> Any help appreciated
>
> Cheers
This seems to be a Postfix related question, and has nothing to do with SpamAssassin.
Maybe Postfix has a forum or mailing list?
Re: Scanning mailer-daemon bounces generated by localhost
Posted by sacoo sacoo <es...@gmail.com>.
On 8/22/07, Justin Mason <jm...@jmason.org> wrote:
>
>
> hi --
>
> What you want is the VBounce ruleset, including in SpamAssassin 3.2.x or
> downloadable for 3.1.x here:
> http://wiki.apache.org/spamassassin/VBounceRuleset . It's designed
> to deal with exactly what you're describing.
Yeah I saw the VBounce rules before posting, but those rules are to stop the
bounces reaching any of my servers , what I want to do is to use the default
filter set with the bounces my own server is generating cause of the spam
filters of my customers.
The mails generated by MAILER-DAEMON@myserver.domain contain the typical
string like
"I'm sorry to have to inform you that your message could not bebe delivered
to one or more recipients. It's attached below ........"
And then it contains the content of the rejected mail (might be spam or
not). In a sample case after doing the spamassassin -t spam.txt I get this
(21,7points) and I would drop the mail and avoid the overhead of my server
trying to deliver it to a non-existant source:
Content analysis details: (21.7 points, 5.0 required)
I cannot post the whole result because the message gets rejected as spam :P
--j.
>
> sacoo sacoo writes:
> > Well, maybe I didn't explain it properly we are not providing relay for
> the
> > outgoing mail, we are only filtering for viruses/spam the incoming mails
> and
> > the part that are junk of them are the ones bouncing to us and giving
> > problems.
> >
> > Relay service is a non-op in the current spam war. If you
> > > do what you are trying to do here, then legitimate bounce messages
> > > will also be dropped and thus you'll be decreasing the quality of
> > > their service. (and if you don't, you'll be creating backscatter)
> >
> >
> > If I achieved what I'm trying there should been that much of problem:
> > .- Only bounces generated by spammy mails would be marked as spam
> (exactly
> > the same that would have been marked using the usual antispam)
> minimalizing
> > the legitimate bounces discarded.
> > .- And these way we will minimize the backskatter we are providing
> >
> >
> > On 8/21/07, Jo Rhett <jr...@netconsonance.com> wrote:
> > >
> > > Really the only way to solve this properly is to stop providing relay
> > > service. Relay service is a non-op in the current spam war. If you
> > > do what you are trying to do here, then legitimate bounce messages
> > > will also be dropped and thus you'll be decreasing the quality of
> > > their service. (and if you don't, you'll be creating backscatter)
> > >
> > > It's a no-win scenario. If they do their own spam scanning, they
> > > should accept the mail directly.
> > >
> > > On Aug 21, 2007, at 8:49 AM, sacoo sacoo wrote:
> > > > It must been asked before, but I couldn't find any suitable, will
> > > > be glad if
> > > > you point me somewhere...
> > > > In our company we have the (mailer-exchange -> spam-scanner ->
> > > > customers
> > > > with their own mail servers) topology.
> > > > We relay mail to them but some of them don't have the spam service
> > > > with us
> > > > and prefer to have it on their side, then we are all the time
> > > > getting the
> > > > spam we forward rejected, our spam server generates a bounce (From:
> > > > MAILER-DAEMON@ourserver.domain (Mail Delivery System)).
> > > > This bounce keeps bouncing there until expires increasing the load
> > > > of our
> > > > server.
> > > > We would like to know if there is any way to force the filtering
> > > > the mails
> > > > from MAILER-DAEMON@ourserver.domain.
> > > >
> > > > As far, the only guess i found was to modify the master.cf somehow
> > > > from
> > > > this:
> > > > smtp inet n - - - - smtpd -o
> > > > content_filter=smtp:[127.0.0.1]:10024
> > > > localhost:10025 inet n - n - -
> > > > smtpd -o
> > > > content_filter=
> > > >
> > > > To something like this
> > > > smtp inet n - - - - smtpd -o
> > > > content_filter=smtp:[127.0.0.1]:10024
> > > > localhost:25 inet n - - - -
> > > > smtpd -o
> > > > content_filter=smtp:[127.0.0.1]:10024
> > > > localhost:10025 inet n - - - -
> > > > smtpd -o
> > > > content_filter=smtp:[127.0.0.1]:10024
> > > >
> > > > Filtering the localhost generated mails.
> > > > But I donno if it's the right approach.
> > > >
> > > > Any help appreciated
> > > >
> > > > Cheers
> > >
> > > --
> > > Jo Rhett
> > > Net Consonance : consonant endings by net philanthropy, open source
> > > and other randomness
> > >
> > >
> > >
>
Re: Scanning mailer-daemon bounces generated by localhost
Posted by sacoo sacoo <es...@gmail.com>.
Well, maybe I didn't explain it properly we are not providing relay for the
outgoing mail, we are only filtering for viruses/spam the incoming mails and
the part that are junk of them are the ones bouncing to us and giving
problems.
Relay service is a non-op in the current spam war. If you
> do what you are trying to do here, then legitimate bounce messages
> will also be dropped and thus you'll be decreasing the quality of
> their service. (and if you don't, you'll be creating backscatter)
If I achieved what I'm trying there should been that much of problem:
.- Only bounces generated by spammy mails would be marked as spam (exactly
the same that would have been marked using the usual antispam) minimalizing
the legitimate bounces discarded.
.- And these way we will minimize the backskatter we are providing
On 8/21/07, Jo Rhett <jr...@netconsonance.com> wrote:
>
> Really the only way to solve this properly is to stop providing relay
> service. Relay service is a non-op in the current spam war. If you
> do what you are trying to do here, then legitimate bounce messages
> will also be dropped and thus you'll be decreasing the quality of
> their service. (and if you don't, you'll be creating backscatter)
>
> It's a no-win scenario. If they do their own spam scanning, they
> should accept the mail directly.
>
> On Aug 21, 2007, at 8:49 AM, sacoo sacoo wrote:
> > It must been asked before, but I couldn't find any suitable, will
> > be glad if
> > you point me somewhere...
> > In our company we have the (mailer-exchange -> spam-scanner ->
> > customers
> > with their own mail servers) topology.
> > We relay mail to them but some of them don't have the spam service
> > with us
> > and prefer to have it on their side, then we are all the time
> > getting the
> > spam we forward rejected, our spam server generates a bounce (From:
> > MAILER-DAEMON@ourserver.domain (Mail Delivery System)).
> > This bounce keeps bouncing there until expires increasing the load
> > of our
> > server.
> > We would like to know if there is any way to force the filtering
> > the mails
> > from MAILER-DAEMON@ourserver.domain.
> >
> > As far, the only guess i found was to modify the master.cf somehow
> > from
> > this:
> > smtp inet n - - - - smtpd -o
> > content_filter=smtp:[127.0.0.1]:10024
> > localhost:10025 inet n - n - -
> > smtpd -o
> > content_filter=
> >
> > To something like this
> > smtp inet n - - - - smtpd -o
> > content_filter=smtp:[127.0.0.1]:10024
> > localhost:25 inet n - - - -
> > smtpd -o
> > content_filter=smtp:[127.0.0.1]:10024
> > localhost:10025 inet n - - - -
> > smtpd -o
> > content_filter=smtp:[127.0.0.1]:10024
> >
> > Filtering the localhost generated mails.
> > But I donno if it's the right approach.
> >
> > Any help appreciated
> >
> > Cheers
>
> --
> Jo Rhett
> Net Consonance : consonant endings by net philanthropy, open source
> and other randomness
>
>
>
Re: Scanning mailer-daemon bounces generated by localhost
Posted by Jo Rhett <jr...@netconsonance.com>.
Really the only way to solve this properly is to stop providing relay
service. Relay service is a non-op in the current spam war. If you
do what you are trying to do here, then legitimate bounce messages
will also be dropped and thus you'll be decreasing the quality of
their service. (and if you don't, you'll be creating backscatter)
It's a no-win scenario. If they do their own spam scanning, they
should accept the mail directly.
On Aug 21, 2007, at 8:49 AM, sacoo sacoo wrote:
> It must been asked before, but I couldn't find any suitable, will
> be glad if
> you point me somewhere...
> In our company we have the (mailer-exchange -> spam-scanner ->
> customers
> with their own mail servers) topology.
> We relay mail to them but some of them don't have the spam service
> with us
> and prefer to have it on their side, then we are all the time
> getting the
> spam we forward rejected, our spam server generates a bounce (From:
> MAILER-DAEMON@ourserver.domain (Mail Delivery System)).
> This bounce keeps bouncing there until expires increasing the load
> of our
> server.
> We would like to know if there is any way to force the filtering
> the mails
> from MAILER-DAEMON@ourserver.domain.
>
> As far, the only guess i found was to modify the master.cf somehow
> from
> this:
> smtp inet n - - - - smtpd -o
> content_filter=smtp:[127.0.0.1]:10024
> localhost:10025 inet n - n - -
> smtpd -o
> content_filter=
>
> To something like this
> smtp inet n - - - - smtpd -o
> content_filter=smtp:[127.0.0.1]:10024
> localhost:25 inet n - - - -
> smtpd -o
> content_filter=smtp:[127.0.0.1]:10024
> localhost:10025 inet n - - - -
> smtpd -o
> content_filter=smtp:[127.0.0.1]:10024
>
> Filtering the localhost generated mails.
> But I donno if it's the right approach.
>
> Any help appreciated
>
> Cheers
--
Jo Rhett
Net Consonance : consonant endings by net philanthropy, open source
and other randomness