Feature #3302
Use DNSBL to fight spam
Status: | CLOSED | Start date: | ||
---|---|---|---|---|
Priority: | Normal | Due date: | ||
Assignee: | - | % Done: | 100% | |
Category: | nethserver-mail-filter | |||
Target version: | v6.7 | |||
Resolution: | NEEDINFO: | No |
Description
- at connection stage
- as spamassassin rules
Method 1 is already implemented blocking SMTP connections from listed spammer servers.
Method 2 is the subject of this issue.
Related issues
Associated revisions
mail-filter: support DNSBL. Refs #3302
History
#1 Updated by Filippo Carletti almost 6 years ago
- Related to Feature #3294: Add unbound as DNS resolver for DNSBLs added
#2 Updated by Filippo Carletti almost 6 years ago
- Status changed from NEW to TRIAGED
- Assignee set to Filippo Carletti
- % Done changed from 0 to 20
- a resolver (see related issue)
- some custom rules for spamassassin
- integrating unbound with dnsmasq
Links:
http://www.pccc.com/downloads/SpamAssassin/contrib/KAM.cf
http://vdhout.nl/2015/05/additional-spamassassin-dnsbls
#3 Updated by Filippo Carletti almost 6 years ago
- Status changed from TRIAGED to ON_DEV
- % Done changed from 20 to 30
#4 Updated by Filippo Carletti almost 6 years ago
- Status changed from ON_DEV to MODIFIED
- Assignee deleted (
Filippo Carletti) - % Done changed from 30 to 60
#5 Updated by Filippo Carletti almost 6 years ago
- Status changed from MODIFIED to ON_QA
- % Done changed from 60 to 70
In nethserver-testing:
nethserver-mail-filter-1.3.3-1.3.gcb1395c.ns6.noarch.rpm
Test case 1 - fresh nethserver installation
Prior to update check that DNSBL queries fail (they usually do if you set the DNS to 8.8.8.8 or your ISP DNS)
# host -tTXT 2.0.0.127.multi.uribl.com 2.0.0.127.multi.uribl.com descriptive text "127.0.0.1 -> Query Refused. See http://uribl.com/refused.shtml for more information [Your DNS IP: 74.125.181.194]"
Install nethserver-mail-filter from nethserver-testing and check again:
# host -tTXT 2.0.0.127.multi.uribl.com 2.0.0.127.multi.uribl.com descriptive text "permanent testpoint"
Also, update should install as a dependency nethserver-unbound.
/var/log/messages should show:
Oct 30 16:25:19 nscom dnsmasq[5115]: using nameserver 127.0.0.1#10053 for domain spamhaus.org Oct 30 16:25:19 nscom dnsmasq[5115]: using nameserver 127.0.0.1#10053 for domain dnswl.org Oct 30 16:25:19 nscom dnsmasq[5115]: using nameserver 127.0.0.1#10053 for domain uribl.com
Test case 2 - update a nethserver already using the mail server filter
As above, check uribl before and after upgrade.
Then receive some emails and check both email headers and /var/log/maillog.
#6 Updated by Alessio Fattorini almost 6 years ago
- Assignee set to Alessio Fattorini
#7 Updated by Alessio Fattorini almost 6 years ago
Test case 2 - fresh install
System and Package Version installed
NethServer 6.7 fresh installation
Package Installed: nothing
Other Package installed: nothing
Test Original Problem
host -tTXT 2.0.0.127.multi.uribl.com 2.0.0.127.multi.uribl.com descriptive text "127.0.0.1 -> Query Refused. See http://uribl.com/refused.shtml
Install Updated Package
yum --enablerepo=nethserver-testing install nethserver-mail-filter
Test Results after update
[root@localhost ~]# host -tTXT 2.0.0.127.multi.uribl.com 2.0.0.127.multi.uribl.com descriptive text "permanent testpoint"
messages:
Nov 4 18:14:32 localhost dnsmasq[671]: using nameserver 127.0.0.1#10053 for domain spamhaus.org Nov 4 18:14:32 localhost dnsmasq[671]: using nameserver 127.0.0.1#10053 for domain dnswl.org Nov 4 18:14:32 localhost dnsmasq[671]: using nameserver 127.0.0.1#10053 for domain uribl.com Nov 4 18:14:32 localhost dnsmasq[671]: using nameserver 8.8.8.8#53
Verified Or Reopen
Verified Test case 2
#8 Updated by Alessio Fattorini almost 6 years ago
- Status changed from ON_QA to VERIFIED
- % Done changed from 70 to 90
System and Package Version installed
...
Package Installed: nethserver-mail-filter.noarch 0:1.3.3-1.ns6
Other Package installed: ...
Test Original Problem
host -tTXT 2.0.0.127.multi.uribl.com
2.0.0.127.multi.uribl.com descriptive text "127.0.0.1 -> Query Refused. See http://uribl.com/refused.shtml for more information [Your DNS IP: 74.125.181.31]"
Install Updated Package
yum --enablerepo=nethserver-testing update nethserver-mail-filter
Test Results after update
host -tTXT 2.0.0.127.multi.uribl.com 2.0.0.127.multi.uribl.com descriptive text "permanent testpoint"
messages
Nov 5 12:02:16 localhost dnsmasq[3782]: using nameserver 127.0.0.1#10053 for domain spamhaus.org Nov 5 12:02:16 localhost dnsmasq[3782]: using nameserver 127.0.0.1#10053 for domain dnswl.org Nov 5 12:02:16 localhost dnsmasq[3782]: using nameserver 127.0.0.1#10053 for domain uribl.com Nov 5 12:02:16 localhost dnsmasq[3782]: using nameserver 8.8.8.8#53
Verified Or Reopen
Verified test Case 2
#9 Updated by Giacomo Sanchietti over 5 years ago
- Assignee deleted (
Alessio Fattorini)
#10 Updated by Giacomo Sanchietti over 5 years ago
- Status changed from VERIFIED to CLOSED
- % Done changed from 90 to 100
- nethserver-mail-filter-1.3.4-1.ns6.noarch.rpm