Spam Filter ISP Support Forum

  New Posts New Posts RSS Feed - Wish List
  FAQ FAQ  Forum Search   Register Register  Login Login

Wish List

 Post Reply Post Reply
Author
Desperado View Drop Down
Senior Member
Senior Member
Avatar

Joined: 27 January 2005
Location: United States
Status: Offline
Points: 1143
Post Options Post Options   Thanks (0) Thanks(0)   Quote Desperado Quote  Post ReplyReply Direct Link To This Post Topic: Wish List
    Posted: 08 June 2005 at 4:20pm

I *wish* the autowhitelist function would ignore any case on either side of the pipe (|)

Waddauthink?

Regards,

The Desperado
Dan Seligmann.
Work: http://www.mags.net
Personal: http://www.desperado.com

Back to Top
Desperado View Drop Down
Senior Member
Senior Member
Avatar

Joined: 27 January 2005
Location: United States
Status: Offline
Points: 1143
Post Options Post Options   Thanks (0) Thanks(0)   Quote Desperado Quote  Post ReplyReply Direct Link To This Post Posted: 09 June 2005 at 11:53am

Anybody gonna comment on this?

Regards,

The Desperado
Dan Seligmann.
Work: http://www.mags.net
Personal: http://www.desperado.com

Back to Top
jacksun View Drop Down
Newbie
Newbie


Joined: 24 February 2005
Status: Offline
Points: 31
Post Options Post Options   Thanks (0) Thanks(0)   Quote jacksun Quote  Post ReplyReply Direct Link To This Post Posted: 12 June 2005 at 2:08pm
I agree, case should never be a consideration WRT email.
 
Great Idea Dan.
 
Cheers,
Wayne
Back to Top
LogSat View Drop Down
Admin Group
Admin Group
Avatar

Joined: 25 January 2005
Location: United States
Status: Offline
Points: 4068
Post Options Post Options   Thanks (0) Thanks(0)   Quote LogSat Quote  Post ReplyReply Direct Link To This Post Posted: 12 June 2005 at 2:46pm
More than a "wish" that should be considered a bug, jacksun is correct.

We'll be uploading a new build with the fix within the next few hours.
Roberto Franceschetti

LogSat Software

Spam Filter ISP
Back to Top
Desperado View Drop Down
Senior Member
Senior Member
Avatar

Joined: 27 January 2005
Location: United States
Status: Offline
Points: 1143
Post Options Post Options   Thanks (0) Thanks(0)   Quote Desperado Quote  Post ReplyReply Direct Link To This Post Posted: 12 June 2005 at 2:52pm

Roberto,

Thanks ... and if I have not said so recently ... you are the King!.

Now ... can you fix my friggin air handling system?  I had to run into work to resopnd to an over temp alarm.  97 degrees in our server room.  Not good!

Regards,

The Desperado
Dan Seligmann.
Work: http://www.mags.net
Personal: http://www.desperado.com

Back to Top
kspare View Drop Down
Senior Member
Senior Member


Joined: 26 January 2005
Location: Canada
Status: Offline
Points: 334
Post Options Post Options   Thanks (0) Thanks(0)   Quote kspare Quote  Post ReplyReply Direct Link To This Post Posted: 13 June 2005 at 2:32am

We had the same problem too, just doubled our a/c capacity.

Roberto, any way you can setup the honeypot so we can whitelist ips to not be affected by it?

My offsite spamfilter is forwarding mail on and somehow the honey pot is seeing email address's that the offsite found in the honey pot, tagged the subject line, but is still found my the honey pot and blocked.

PLEASE! I can't use my offsite mx anymore

Back to Top
Desperado View Drop Down
Senior Member
Senior Member
Avatar

Joined: 27 January 2005
Location: United States
Status: Offline
Points: 1143
Post Options Post Options   Thanks (0) Thanks(0)   Quote Desperado Quote  Post ReplyReply Direct Link To This Post Posted: 13 June 2005 at 7:42am

Kevin,

No sleep and burned out.  Can you re-word your above post?

Offsite or backup SMTP is always going to be a trade off irregardless of the software.  We do backup smtp for many customers using a simple queuing server and many of the customers primary servers are Spam Filtering appliances.  Their server must "Trust" our server and as such they loose any benefits of filtering on the connection IP address such as rdns, dnsbl's and so on.  SOME, but not all of their servers can still filter on keywords even if the IP is White Listed but that has only a small value so they live with it.

I think that one solution to this issue (which may not be very easy ... not knowing the internals of the SpamFilter software) would be to have an IP Whitelist, just like now and an IP relay list which would allow the backup to connect and instruct the SpamFilter to attempt to look at the IP that originally connected to the backup server.  I fear that this would cause some significant overhead though.

Regards,

The Desperado
Dan Seligmann.
Work: http://www.mags.net
Personal: http://www.desperado.com

Back to Top
kspare View Drop Down
Senior Member
Senior Member


Joined: 26 January 2005
Location: Canada
Status: Offline
Points: 334
Post Options Post Options   Thanks (0) Thanks(0)   Quote kspare Quote  Post ReplyReply Direct Link To This Post Posted: 13 June 2005 at 9:40am

Actually the only problem we have is with the honey pot, I just need to be able to tell the honey pot not to block that ip and it would work fine. I used it as it sits for awhile until I turned on the honey pot, that's where my problems started

Back to Top
Marco View Drop Down
Senior Member
Senior Member
Avatar

Joined: 07 June 2005
Location: Netherlands
Status: Offline
Points: 137
Post Options Post Options   Thanks (0) Thanks(0)   Quote Marco Quote  Post ReplyReply Direct Link To This Post Posted: 13 June 2005 at 11:02am
in case the honeypot is triggered, compare the originating ip with the ones in the (to be added) 'relay ip list' and if matched, drop the mail, but DO NOT blacklist the relay's ip.
Anyone who is capable of getting himself made president, should on no account be allowed to do the job. D.Adams
Back to Top
LogSat View Drop Down
Admin Group
Admin Group
Avatar

Joined: 25 January 2005
Location: United States
Status: Offline
Points: 4068
Post Options Post Options   Thanks (0) Thanks(0)   Quote LogSat Quote  Post ReplyReply Direct Link To This Post Posted: 13 June 2005 at 7:24pm
Marco,

Just posted the following to the other thread at http://logsat.com/spamfilter/forums/forum_posts.asp?TID=5217 #6068

=============

SpamFilter should really see the original IP of the sender when procesing emails. If SpamFilter handles emails that are being relayed by a "friendly" server, then things are bound to go wrong, not just with the honeypot file. Think about the SPF filter for example... If the IP of the server connecting to SpamFilter is not listed in the SPF DNS record of the sender, the email will be rejected. And if your secondary is forwarding emails to SpamFilter, that *will* cause a big issue.

The mains solutions that come to mind are to:
(1) place SpamFilter (or any other antispam software) in front of all the servers listed as MX records,
or (2) forward the email from the secondaries directly to your main SMTP server, bypassing the main spam filter.
or (3) install a second SpamFilter on a separate IP or separate server, configure it skip ALL IP-based tests (reverse-DNS, country, SPF, MAPS-RBL, IP blacklists, MX checks etc.), and have the secondary forward emails to this lesser-featured SpamFilter.

Roberto Franceschetti

LogSat Software

Spam Filter ISP
Back to Top
Jonathan View Drop Down
Guest Group
Guest Group
Post Options Post Options   Thanks (0) Thanks(0)   Quote Jonathan Quote  Post ReplyReply Direct Link To This Post Posted: 19 June 2005 at 9:44pm

Iam  because my sister  a girl.

Back to Top
Fred Dickey View Drop Down
Guest Group
Guest Group
Post Options Post Options   Thanks (0) Thanks(0)   Quote Fred Dickey Quote  Post ReplyReply Direct Link To This Post Posted: 21 June 2005 at 9:59am
I vote for option #2 below.  We already do this with our user's mail clients.  We have them all set to a non-standard SMTP port that bypasses our spamfilter and goes straight to our mail server.  Then we don't trust nothing that hits on SMTP 25 that claims to be from a domain that we are hosting because we already know every legitimate user should be using our proprietary SMTP port.  Puts a brick wall up on all those new worms out there and allows us to use a single public IP for both mail server and spamfilter.  We were using this method long before SPF came about and it's actually a little more effective on our own domains, as we don't trust anything being relayed out on port 25 from our own domains...even from IP's authorized in our SPF records.

Guess we can look at setting up a backup SMTP server to do the same thing by bypassing our in-house filter and just filter from the remote backup server.

Originally posted by LogSat LogSat wrote:

Marco,

Just posted the following to the other thread at http://logsat.com/spamfilter/forums/forum_posts.asp?TID=5217 #6068

=============

SpamFilter should really see the original IP of the sender when procesing emails. If SpamFilter handles emails that are being relayed by a "friendly" server, then things are bound to go wrong, not just with the honeypot file. Think about the SPF filter for example... If the IP of the server connecting to SpamFilter is not listed in the SPF DNS record of the sender, the email will be rejected. And if your secondary is forwarding emails to SpamFilter, that *will* cause a big issue.

The mains solutions that come to mind are to:
(1) place SpamFilter (or any other antispam software) in front of all the servers listed as MX records,
or (2) forward the email from the secondaries directly to your main SMTP server, bypassing the main spam filter.
or (3) install a second SpamFilter on a separate IP or separate server, configure it skip ALL IP-based tests (reverse-DNS, country, SPF, MAPS-RBL, IP blacklists, MX checks etc.), and have the secondary forward emails to this lesser-featured SpamFilter.

Back to Top
 Post Reply Post Reply
  Share Topic   

Forum Jump Forum Permissions View Drop Down



This page was generated in 0.078 seconds.