Spam wird immer mehr

Dieses Thema im Forum "Installation und Konfiguration" wurde erstellt von redi78, 22. Okt. 2008.

  1. redi78

    redi78 Member

    Hallo Leute,

    also ich verwende ISPConfig 2.2.26 und habe bei meinen Usern überall Spamassassin samt AntiVirus aktiviert. Zusätzlich habe ich das Häckchen bei URIBL gesetzt. Spam-Whitelist und Spam-Blacklist Felder sind leer.

    Hier poste ich mal die Ausgabe von postconf -n:

    Code:
    alias_database = hash:/etc/aliases
    alias_maps = hash:/etc/aliases
    allow_percent_hack = no
    append_dot_mydomain = no
    biff = no
    broken_sasl_auth_clients = yes
    config_directory = /etc/postfix
    disable_vrfy_command = yes
    inet_interfaces = all
    inet_protocols = all
    mailbox_command = procmail -a "$EXTENSION"
    mailbox_size_limit = 0
    maps_rbl_domains = relays.ordb.org,                       
    proxies.blackholes.wirehub.net,                       
    dsn.rfc-ignorant.org,                       
    postmaster.rfc-ignorant.org,                       
    abuse.rfc-ignorant.org,                       
    unconfirmed.dsbl.org,                       
    list.dsbl.org,                       
    dynablock.wirehub.net,                       
    cn-kr.blackholes.us                       
    relays.osirusoft.com                       
    dialups.relays.osirusoft.com                        inputs.orbz.org
    message_size_limit = 104857600
    mydestination = /etc/postfix/local-host-names
    myhostname = mail.goldbergmusikanten.at
    mynetworks = 127.0.0.0/8
    myorigin = /etc/mailname
    recipient_delimiter = +
    relayhost = mgate.chello.at
    smtp_sasl_auth_enable = yes
    smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
    smtp_sasl_security_options =
    smtp_tls_note_starttls_offer = yes
    smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
    smtp_use_tls = yes
    smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
    smtpd_data_restrictions = reject_unauth_pipelining,  permit
    smtpd_helo_required = yes
    smtpd_recipient_restrictions = permit_mynetworks, 
    permit_sasl_authenticated,  reject_invalid_hostname, 
    reject_non_fqdn_hostname,  reject_non_fqdn_sender, 
    reject_non_fqdn_recipient,  reject_unknown_sender_domain, 
    reject_unknown_recipient_domain,  reject_unauth_destination, 
    reject_unlisted_recipient,  reject_unverified_sender 
    reject_rhsbl_sender dsn.rfc-ignorant.org,  permit
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_local_domain =
    smtpd_sasl_security_options = noanonymous
    smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
    smtpd_tls_auth_only = no
    smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
    smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
    smtpd_tls_loglevel = 1
    smtpd_tls_received_header = yes
    smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
    smtpd_tls_session_cache_timeout = 3600s
    smtpd_use_tls = yes
    tls_random_source = dev:/dev/urandom
    virtual_mailbox_limit = 0
    
    Kann ich hier noch etwas verbessern?

    lg redi78
    :confused:
     
  2. Till

    Till Administrator

    Was Du versuchen könntest ist dass Du razor, pyzor und dcc inkl. deren spamassassin plugins installierst. Denk bitte daran, dass die Installation des ISPConfig spamassassin und das globale Config File unter /home/admispconfig/ispconfig/tools/spamassassin/.... liegt.
     
  3. redi78

    redi78 Member

    mhhh was muss denn dann in die local.cf bezüglich razor... usw. eingetragen werden?

    razor, pyzor und dcc habe ich bereits installiert. aber wird bei einem update die local.cf nicht überschrieben?
     
  4. Till

    Till Administrator

    weiß ich so aus dem Kopf auch nicht, schau am besten mal ins spamassassin Wiki.
    Ja, die Datei solltest Du sichern.
     
  5. redi78

    redi78 Member

    habs nun darüber gelöst. spam kommt jetzt annähernd keiner mehr durch:

    Code:
       [FONT=Courier][SIZE=2][FONT=Courier]reject_rbl_client  ix.dnsbl.manitu.net,[/FONT][/SIZE][/FONT]
     [FONT=Courier][SIZE=2][FONT=Courier]reject_rbl_client  dialups.mail-abuse.org,[/FONT][/SIZE][/FONT]
     [FONT=Courier][SIZE=2][FONT=Courier]reject_rbl_client  relays.mail-abuse.org,[/FONT][/SIZE][/FONT]
     [FONT=Courier][SIZE=2][FONT=Courier]reject_rbl_client  cblplus.anti-spam.org.cn,[/FONT][/SIZE][/FONT]
     [FONT=Courier][SIZE=2][FONT=Courier]reject_rbl_client  pbl.spamhaus.org, [/FONT][/SIZE][/FONT]
     [FONT=Courier][SIZE=2][FONT=Courier]reject_rbl_client  sbl.spamhaus.org,[/FONT][/SIZE][/FONT]
     [FONT=Courier][SIZE=2][FONT=Courier]reject_rbl_client  relays.ordb.org,
    reject_rbl_client opm.blitzed.org,
    reject_rbl_client  list.dsbl.org,
    reject_rbl_client cbl.abuseat.org,
    reject_rbl_client  dul.dnsbl.sorbs.net,
    reject_rbl_client  blackholes.easynet.nl,
    reject_rbl_client  proxies.blackholes.wirehub.net,
    reject_rbl_client  bl.spamcop.net,
    reject_rbl_client dnsbl.ahbl.org,[/FONT][/SIZE][/FONT]
     [FONT=Courier][SIZE=2][FONT=Courier]reject_rbl_client  dnsbl.njabl.org,[/FONT][/SIZE][/FONT]
     [FONT=Courier][SIZE=2][FONT=Courier]reject_rbl_client  dnsbl.sorbs.net,[/FONT][/SIZE][/FONT]
     [FONT=Courier][SIZE=2][FONT=Courier]reject_rbl_client  sorbs.dnsbl.net.au,[/FONT][/SIZE][/FONT]
     [FONT=Courier][SIZE=2][FONT=Courier]reject_rbl_client  blackholes.five-ten-sg.com,[/FONT][/SIZE][/FONT]
     [FONT=Courier][SIZE=2][FONT=Courier]reject_rbl_client  hostkarma.junkemailfilter.com,[/FONT][/SIZE][/FONT]
     [FONT=Courier][SIZE=2][FONT=Courier]reject_rbl_client  cbl.anti-spam.org.cn,[/FONT][/SIZE][/FONT]
     [FONT=Courier][SIZE=2][FONT=Courier]reject_rbl_client  cblless.anti-spam.org.cn,[/FONT][/SIZE][/FONT]
     [FONT=Courier][SIZE=2][FONT=Courier]reject_rbl_client  0spam.fusionzero.com,[/FONT][/SIZE][/FONT]
     [FONT=Courier][SIZE=2][FONT=Courier]reject_rbl_client  dnsbl.ahbl.org,[/FONT][/SIZE][/FONT]
     [FONT=Courier][SIZE=2][FONT=Courier]reject_rbl_client  aspews.ext.sorbs.net,[/FONT][/SIZE][/FONT]
     [FONT=Courier][SIZE=2][FONT=Courier]reject_rbl_client  bl.csma.biz,[/FONT][/SIZE][/FONT]
     [FONT=Courier][SIZE=2][FONT=Courier]reject_rbl_client  sbl.csma.biz,[/FONT][/SIZE][/FONT]
     [FONT=Courier][SIZE=2][FONT=Courier]reject_rbl_client  ohps.dnsbl.net.au,[/FONT][/SIZE][/FONT]
     [FONT=Courier][SIZE=2][FONT=Courier]reject_rbl_client  ipwhois.rfc-ignorant.org,[/FONT][/SIZE][/FONT]
     [FONT=Courier][SIZE=2][FONT=Courier]reject_rbl_client  relays.bl.kundenserver.de,[/FONT][/SIZE][/FONT]
     [FONT=Courier][SIZE=2][FONT=Courier]reject_rbl_client  dnsbl.rangers.eu.org,[/FONT][/SIZE][/FONT]
     [FONT=Courier][SIZE=2][FONT=Courier]reject_rbl_client  dnsbl.regedit64.net,[/FONT][/SIZE][/FONT]
     [FONT=Courier][SIZE=2][FONT=Courier]reject_rbl_client  xbl.spamhaus.org,[/FONT][/SIZE][/FONT]
     [FONT=Courier][SIZE=2][FONT=Courier]reject_rhsbl_sender  blackhole.securitysage.com,[/FONT][/SIZE][/FONT]
     [FONT=Courier][SIZE=2][FONT=Courier]reject_rhsbl_client  rhsbl.ahbl.org,[/FONT][/SIZE][/FONT]
     [FONT=Courier][SIZE=2][FONT=Courier]reject_rhsbl_client  whois.rfc-ignorant.org,[/FONT][/SIZE][/FONT]
     [FONT=Courier][SIZE=2][FONT=Courier]reject_rhsbl_client  bogusmx.rfc-ignorant.org,[/FONT][/SIZE][/FONT]
     [FONT=Courier][SIZE=2][FONT=Courier]reject_rhsbl_client  cart00ney.surriel.com,[/FONT][/SIZE][/FONT]
     [FONT=Courier][SIZE=2][FONT=Courier]reject_rhsbl_client  bl.deadbeef.com,[/FONT][/SIZE][/FONT]
     [FONT=Courier][SIZE=2][FONT=Courier]reject_rhsbl_client  endn.dnsbl.net.au,[/FONT][/SIZE][/FONT]
     [FONT=Courier][SIZE=2][FONT=Courier]reject_rhsbl_client  in.dnsbl.org,[/FONT][/SIZE][/FONT]
     [FONT=Courier][SIZE=2][FONT=Courier]reject_rhsbl_client  dsn.rfc-ignorant.org,[/FONT][/SIZE][/FONT]
     [FONT=Courier][SIZE=2][FONT=Courier]reject_rhsbl_client  duhlusers.yamta.org,[/FONT][/SIZE][/FONT]
     [FONT=Courier][SIZE=2][FONT=Courier]reject_rhsbl_client  bulk.rhs.mailpolice.com,[/FONT][/SIZE][/FONT]
     [FONT=Courier][SIZE=2][FONT=Courier]reject_rhsbl_client  porn.rhs.mailpolice.com,[/FONT][/SIZE][/FONT]
     [FONT=Courier][SIZE=2][FONT=Courier]reject_rhsbl_client  abuse.rfc-ignorant.org,[/FONT][/SIZE][/FONT]
     [FONT=Courier][SIZE=2][FONT=Courier]reject_rhsbl_client  postmaster.rfc-ignorant.org,[/FONT][/SIZE][/FONT]
     [FONT=Courier][SIZE=2][FONT=Courier]reject_rhsbl_client  rhsbl.sorbs.net,[/FONT][/SIZE][/FONT]
    
    
    lg redi78
     
  6. Till

    Till Administrator

    Na wenn Du Dir sicher bist, dass jetzt auch noch normale mails ankommen ;) Das Problem mit den ganzen exotischen RBL ist, dass da gerne mal falsche IP's drauf sind.
     

Diese Seite empfehlen