Spam Filter ISP Support Forum

  New Posts New Posts RSS Feed - Black/White lists
  FAQ FAQ  Forum Search   Register Register  Login Login

Black/White lists

 Post Reply Post Reply
Author
Nathan View Drop Down
Guest Group
Guest Group
Post Options Post Options   Thanks (0) Thanks(0)   Quote Nathan Quote  Post ReplyReply Direct Link To This Post Topic: Black/White lists
    Posted: 07 July 2003 at 3:44am

I have customers on ADSL connections who use my servers to send mail.

If I use spamfilter it block them from getting mail out. The only way I can make it work is to add a wildcard address to the excluded from addresses list, this then means that their email will not pass through the keyword filter, which defeats the purpose of having a spam filter in the first place.

Anyone got any suggestions.

Thanks
Nathan.

Back to Top
Jack View Drop Down
Guest Group
Guest Group
Post Options Post Options   Thanks (0) Thanks(0)   Quote Jack Quote  Post ReplyReply Direct Link To This Post Posted: 07 July 2003 at 10:18am

How are you configured?  SpamFilter and SMTP on the same machine? Different machines?  What you want to do is easily accomplished, we just need to know how you are set-up so we can give you the best solution.

Jack

Back to Top
Nathan View Drop Down
Guest Group
Guest Group
Post Options Post Options   Thanks (0) Thanks(0)   Quote Nathan Quote  Post ReplyReply Direct Link To This Post Posted: 07 July 2003 at 12:15pm

It is setup on a seperate machine to the mail server.

Nathan...

Back to Top
LogSat View Drop Down
Admin Group
Admin Group
Avatar

Joined: 25 January 2005
Location: United States
Status: Offline
Points: 4065
Post Options Post Options   Thanks (0) Thanks(0)   Quote LogSat Quote  Post ReplyReply Direct Link To This Post Posted: 07 July 2003 at 4:18pm

Nathan,

SpamFilter is designed to process incoming email only by acting as a proxy to your mail server. The main thing to remember is that outgoing email from inside your network to the internet should never pass thru SpamFilter. There are several ways to configure your network to enable this to happen.

Assume your SMTP server is mail.abc.com. You don't want to change that, so your clients will always point their outgoing mail to that.

If your mail server is behind a firewall, and the firewall allows is, all you need to do is to configure the firewall so that incoming connections on port 25 are sent to the IP SpamFilter is listening on (different than mail.abc.com), rather than sending them to your SMTP server. Then configure SpamFilter to forward email to your SMTP server.

If the above is not possible, you can change the MX record in your DNS to point to the name/IP SpamFilter is configured for. SpamFilter then forwards to your SMTP server. The IP/name of your SMTP server does not change.

There are a few more postings on this subject on this, along with a sample DNS configuration for the second option at http://www.logsat.com/spamfilter/details.asp

Roberto Franceschetti
LogSart Software

Back to Top
Robert View Drop Down
Guest Group
Guest Group
Post Options Post Options   Thanks (0) Thanks(0)   Quote Robert Quote  Post ReplyReply Direct Link To This Post Posted: 09 July 2003 at 1:16am

Nathan,

If your subscribers have fixed ip addresses, you can whitelist their addresses. I have done that successfully for several groups that I host here locally.

Unfortunately fixed IP is not as common for residential services, so this may or may not apply to your subscribers.

For folks on variable IP services, I am looking at installing two separate SMTP paths, as I have a similar problem facing one group that I support overseas. One path would be "public", anonymous (non-authenticated) access, and filtered by SpamFilter. The other path would be "private", authenticatated SMTP, and not filtered. I'm planning to use two host names, each pointing to a different IP.

Alternatively, you may be able to take advantage of typical DSL IP assignment strategies in order to limit your exposure to whitelisting IP addresses. When solving a VPN-related problem, I observed that cable and dsl routers assign IP addresses across class B or C address spaces. Mostly I saw addresses vary within a class C. I cannot speak to the general validity of this worldwide, but I've seen it both in US and Aus. My solution was to allow connections from the class C range using wildcards. Our equivalent with SpamFilter would be to whitelist the class C in which each subscriber operates. If you have any volume of subscribers, the 2 path SMTP solution is simpler to administer, as there's no way to keep track of "who uses what IP range" once you've added the range to the IP whitelist. If you have only a small number of subscribers impacted by this situation, however, this may work as a quick fix. You still have the problem that your SMTP server (probably) is an open relay to anyone on any of the whitelisted class C address spaces. You'll have to assess that risk yourself.

Hope this helps.

Robert Shelton

Back to Top
 Post Reply Post Reply
  Share Topic   

Forum Jump Forum Permissions View Drop Down



This page was generated in 0.063 seconds.