Print Page | Close Window

Wish List

Printed From: LogSat Software
Category: Spam Filter ISP
Forum Name: Spam Filter ISP Support
Forum Description: General support for Spam Filter ISP
URL: http://www.logsat.com/spamfilter/forums/forum_posts.asp?TID=5219
Printed Date: 22 October 2017 at 5:09pm


Topic: Wish List
Posted By: Desperado
Subject: Wish List
Date Posted: 08 June 2005 at 4:20pm

I *wish* the autowhitelist function would ignore any case on either side of the pipe (|)

Waddauthink?

Regards,



-------------
The Desperado
Dan Seligmann.
Work: http://www.mags.net
Personal: http://www.desperado.com




Replies:
Posted By: Desperado
Date Posted: 09 June 2005 at 11:53am

Anybody gonna comment on this?

Regards,



-------------
The Desperado
Dan Seligmann.
Work: http://www.mags.net
Personal: http://www.desperado.com



Posted By: jacksun
Date Posted: 12 June 2005 at 2:08pm
I agree, case should never be a consideration WRT email.
 
Great Idea Dan.
 
Cheers,
Wayne


Posted By: LogSat
Date Posted: 12 June 2005 at 2:46pm
More than a "wish" that should be considered a bug, jacksun is correct.

We'll be uploading a new build with the fix within the next few hours.


-------------
Roberto Franceschetti

http://www.logsat.com" rel="nofollow - LogSat Software

http://www.logsat.com/sfi-spam-filter.asp" rel="nofollow - Spam Filter ISP


Posted By: Desperado
Date Posted: 12 June 2005 at 2:52pm

Roberto,

Thanks ... and if I have not said so recently ... you are the King!.

Now ... can you fix my friggin air handling system?  I had to run into work to resopnd to an over temp alarm.  97 degrees in our server room.  Not good!

Regards,



-------------
The Desperado
Dan Seligmann.
Work: http://www.mags.net
Personal: http://www.desperado.com



Posted By: kspare
Date Posted: 13 June 2005 at 2:32am

We had the same problem too, just doubled our a/c capacity.

Roberto, any way you can setup the honeypot so we can whitelist ips to not be affected by it?

My offsite spamfilter is forwarding mail on and somehow the honey pot is seeing email address's that the offsite found in the honey pot, tagged the subject line, but is still found my the honey pot and blocked.

PLEASE! I can't use my offsite mx anymore



Posted By: Desperado
Date Posted: 13 June 2005 at 7:42am

Kevin,

No sleep and burned out.  Can you re-word your above post?

Offsite or backup SMTP is always going to be a trade off irregardless of the software.  We do backup smtp for many customers using a simple queuing server and many of the customers primary servers are Spam Filtering appliances.  Their server must "Trust" our server and as such they loose any benefits of filtering on the connection IP address such as rdns, dnsbl's and so on.  SOME, but not all of their servers can still filter on keywords even if the IP is White Listed but that has only a small value so they live with it.

I think that one solution to this issue (which may not be very easy ... not knowing the internals of the SpamFilter software) would be to have an IP Whitelist, just like now and an IP relay list which would allow the backup to connect and instruct the SpamFilter to attempt to look at the IP that originally connected to the backup server.  I fear that this would cause some significant overhead though.

Regards,



-------------
The Desperado
Dan Seligmann.
Work: http://www.mags.net
Personal: http://www.desperado.com



Posted By: kspare
Date Posted: 13 June 2005 at 9:40am

Actually the only problem we have is with the honey pot, I just need to be able to tell the honey pot not to block that ip and it would work fine. I used it as it sits for awhile until I turned on the honey pot, that's where my problems started



Posted By: Marco
Date Posted: 13 June 2005 at 11:02am
in case the honeypot is triggered, compare the originating ip with the ones in the (to be added) 'relay ip list' and if matched, drop the mail, but DO NOT blacklist the relay's ip.

-------------
Anyone who is capable of getting himself made president, should on no account be allowed to do the job. D.Adams


Posted By: LogSat
Date Posted: 13 June 2005 at 7:24pm
Marco,

Just posted the following to the other thread at http://logsat.com/spamfilter/forums/forum_posts.asp?TID=5217 #6068

=============

SpamFilter should really see the original IP of the sender when procesing emails. If SpamFilter handles emails that are being relayed by a "friendly" server, then things are bound to go wrong, not just with the honeypot file. Think about the SPF filter for example... If the IP of the server connecting to SpamFilter is not listed in the SPF DNS record of the sender, the email will be rejected. And if your secondary is forwarding emails to SpamFilter, that *will* cause a big issue.

The mains solutions that come to mind are to:
(1) place SpamFilter (or any other antispam software) in front of all the servers listed as MX records,
or (2) forward the email from the secondaries directly to your main SMTP server, bypassing the main spam filter.
or (3) install a second SpamFilter on a separate IP or separate server, configure it skip ALL IP-based tests (reverse-DNS, country, SPF, MAPS-RBL, IP blacklists, MX checks etc.), and have the secondary forward emails to this lesser-featured SpamFilter.



-------------
Roberto Franceschetti

http://www.logsat.com" rel="nofollow - LogSat Software

http://www.logsat.com/sfi-spam-filter.asp" rel="nofollow - Spam Filter ISP


Posted By: Guests
Date Posted: 19 June 2005 at 9:44pm

Iam  because my sister  a girl.



Posted By: Guests
Date Posted: 21 June 2005 at 9:59am
I vote for option #2 below.  We already do this with our user's mail clients.  We have them all set to a non-standard SMTP port that bypasses our spamfilter and goes straight to our mail server.  Then we don't trust nothing that hits on SMTP 25 that claims to be from a domain that we are hosting because we already know every legitimate user should be using our proprietary SMTP port.  Puts a brick wall up on all those new worms out there and allows us to use a single public IP for both mail server and spamfilter.  We were using this method long before SPF came about and it's actually a little more effective on our own domains, as we don't trust anything being relayed out on port 25 from our own domains...even from IP's authorized in our SPF records.

Guess we can look at setting up a backup SMTP server to do the same thing by bypassing our in-house filter and just filter from the remote backup server.

Originally posted by LogSat LogSat wrote:

Marco,

Just posted the following to the other thread at http://logsat.com/spamfilter/forums/forum_posts.asp?TID=5217 #6068

=============

SpamFilter should really see the original IP of the sender when procesing emails. If SpamFilter handles emails that are being relayed by a "friendly" server, then things are bound to go wrong, not just with the honeypot file. Think about the SPF filter for example... If the IP of the server connecting to SpamFilter is not listed in the SPF DNS record of the sender, the email will be rejected. And if your secondary is forwarding emails to SpamFilter, that *will* cause a big issue.

The mains solutions that come to mind are to:
(1) place SpamFilter (or any other antispam software) in front of all the servers listed as MX records,
or (2) forward the email from the secondaries directly to your main SMTP server, bypassing the main spam filter.
or (3) install a second SpamFilter on a separate IP or separate server, configure it skip ALL IP-based tests (reverse-DNS, country, SPF, MAPS-RBL, IP blacklists, MX checks etc.), and have the secondary forward emails to this lesser-featured SpamFilter.




Print Page | Close Window