Koozali.org: home of the SME Server

enabling RBL lists on sme7.0

Offline raem

  • *
  • 3,972
  • +4/-0
enabling RBL lists on sme7.0
« on: December 04, 2005, 05:39:55 AM »
As people are apparently using beta releases in production situations, I thought this may be good to spread around at this time.
Note it's applicable to sme 7.0 beta 4 onwards, earlier betas used a colon as a seperator rather than a comma, but later versions use a comma or colon.
I will put it into a HOWTO soon. It's from devinfo posts by Gordon Rowell, thanks to Gordon (& Charlie Brady) for the implementation of qpsmtpd and the instructions.


Instal Procedure: (v7.0 sme server only)

In order to enable the RBL list functionality, the DNSBL plug in for qpsmtpd must be enabled.
A default installation of sme 7.0 has four RBL lists set in the configuration database, these are:
sbl-xbl.spamhaus.org
whois.rfc-ignorant.org
dnsbl.njabl.org
relays.ordb.org

To enable RBL blocking for the default lists do the following
 
/sbin/e-smith/config setprop qpsmtpd DNSBL enabled
/sbin/e-smith/signal-event email-update
svc -t /service/qpsmtpd


To enable RBL blocking for a single list do the following

/sbin/e-smith/config setprop qpsmtpd RBLList sbl-xbl.spamhaus.org
/sbin/e-smith/config setprop qpsmtpd DNSBL enabled
/sbin/e-smith/signal-event email-update
svc -t /service/qpsmtpd


To enable RBL blocking for multiple lists do the following

To add multiple RBLs to the RBLList property, delimit (separate) them with a comma (beta 4 onwards)

/sbin/e-smith/config setprop qpsmtpd RBLList sbl-xbl.spamhaus.org,whois.rfc-ignorant.org,
dnsbl.njabl.org,dnsbl.sorbs.net,relays.ordb.org, bl.spamcop.net
(the above should all be on one line)

/sbin/e-smith/config setprop qpsmtpd DNSBL enabled
/sbin/e-smith/signal-event email-update
svc -t /service/qpsmtpd


To disable RBL blocking do the following

/sbin/e-smith/config setprop qpsmtpd DNSBL disabled
/sbin/e-smith/signal-event email-update
svc -t /service/qpsmtpd


To check your db entries do:

/sbin/e-smith/config show qpsmtpd

which will give an output something like the following
(Note that your servers output may be different depending on your configuration)

qpsmtpd=service
    DNSBL=enabled
    LogLevel=8
    MaxScannerSize=25000000
    RBLList=sbl-xbl.spamhaus.org,whois.rfc-ignorant.org,dnsbl.njabl.org,relays.ordb.org
    RHSBL=disabled
    RequireResolvableFromHost=no
    access=public
    status=enabled


Have fun and down with spam on sme 7.0 !!
...

Offline azche24

  • *
  • 163
  • +0/-0
    • http://az-law.de
enabling RBL lists on sme7.0
« Reply #1 on: December 06, 2005, 06:06:44 PM »
Yess, Ray!

I needed that (for test/home-server running b8).

Thanks an awful lot. If something is wrong, i will report.
Alexander Ziemann, Berlin - DE

Offline Blackbox

  • **
  • 47
  • +0/-0
enabling RBL lists on sme7.0
« Reply #2 on: February 07, 2007, 12:45:42 PM »
Hi,
Does this still apply for SME server 7.1

Sorry for the stupid question but, being a newbie running a LIVE server, I do not want to mess it up.

Thanks in advance
Since I experienced an IRQ conflict, my brain never worked the same!

Offline raem

  • *
  • 3,972
  • +4/-0
enabling RBL lists on sme7.0
« Reply #3 on: February 07, 2007, 01:03:54 PM »
Blackbox

> Does this still apply for SME server 7.1

Yes, but you should stop using relays.ordb.org as it is no longer active and stop using dnsbl.njabl.org as it is no longer being maintained as advised in previous forum posts.
Use dnsbl.sorbs.net instead.

config setprop qpsmtpd RBLList sbl-xbl.spamhaus.org,whois.rfc-ignorant.org,dnsbl.sorbs.net
(the above should all be on one line)
config setprop qpsmtpd DNSBL enabled
signal-event email-update

(the svc command is not required as the email-update event includes that)
...

Offline Blackbox

  • **
  • 47
  • +0/-0
enabling RBL lists on sme7.0
« Reply #4 on: February 07, 2007, 01:08:03 PM »
Thanks a lot for the quick response.

I'll try it out!  :lol:
Since I experienced an IRQ conflict, my brain never worked the same!

Offline Blackbox

  • **
  • 47
  • +0/-0
enabling RBL lists on sme7.0
« Reply #5 on: February 07, 2007, 01:16:12 PM »
Just one thing I need to confirm please.

Am I right in saying that to enable RBL lists, there is no need to enable spam filtering from the GUI?

Are these related to one another?

Thanks in advance
Since I experienced an IRQ conflict, my brain never worked the same!

Offline raem

  • *
  • 3,972
  • +4/-0
enabling RBL lists on sme7.0
« Reply #6 on: February 08, 2007, 12:20:44 AM »
Blackbox

>...to enable RBL lists, there is no need to enable spam filtering from the GUI?

Correct

> Are these related to one another?

RBL & Spam Filtering are totally seperate functions.
You will find that with RBL enabled there will be a huge reduction in incoming spam ie being listed on an RBL results in messages being rejected by the server and as a lot of spam sources get listed then you get a corresponding reduction in spam (& virus infected messages too).
So if you use Spam Filtering as well, you will find it has a lot less work to do.
Virus scanning will also have a lot less to do (due to RBL rejections), especially if you enable Pattern Matching Executable Content Filtering as well (which also rejects potentially infected messages).
...

Offline Blackbox

  • **
  • 47
  • +0/-0
enabling RBL lists on sme7.0
« Reply #7 on: February 08, 2007, 09:52:05 AM »
Thank you very much for your well explained and detailed reply.

I really appreciate it.

 :lol:  :lol:  :lol:
Since I experienced an IRQ conflict, my brain never worked the same!

Offline Blackbox

  • **
  • 47
  • +0/-0
enabling RBL lists on sme7.0
« Reply #8 on: March 29, 2007, 11:41:47 AM »
One last question please  :wink:

Once the RBLs are activated, can I exclude an IP address from being blocked from the RBLs?

I am asking because my ISP just got blocked from SORBS and most emails are getting rejected.

Any help is appreciated.

Thanks in advance
Since I experienced an IRQ conflict, my brain never worked the same!

RedHead

enabling RBL lists on sme7.0
« Reply #9 on: May 03, 2007, 10:58:32 PM »
Quote from: "Blackbox"
One last question please  :wink:

Once the RBLs are activated, can I exclude an IP address from being blocked from the RBLs?

I am asking because my ISP just got blocked from SORBS and most emails are getting rejected.

Any help is appreciated.

Thanks in advance


Has somebody already a answer on this? I need to add some domains which are allowed to send email, with possible spam. This because some major dutch providers a on a blacklist and so major email is rejected now.
Due the fact that most of the users do not understand mail headers the administrator (me) got a lot of incidents that the mail isn't working anymore.

Offline bpivk

  • *
  • 908
  • +0/-0
    • http://www.bezigrad.com
enabling RBL lists on sme7.0
« Reply #10 on: May 03, 2007, 11:18:42 PM »
The answer would be to write a mail to the people that manage the RBL lists and get them to remove the ip from the list.

Another option would be to remove the rbl list that's causing you problems.
"It should just work" if it doesn't report it. Thanks!

RedHead

enabling RBL lists on sme7.0
« Reply #11 on: May 03, 2007, 11:24:14 PM »
Quote from: "bpivk"
The answer would be to write a mail to the people that manage the RBL lists and get them to remove the ip from the list.

Another option would be to remove the rbl list that's causing you problems.


Ok, i would send a email to the manager van RBL list that the IP needs to removed. But i'm afraid that the IP will soon be added again due the mass of spam sended today.

I already deleted the RBL server from the RBL list, I hope this helps (and not that just a nother RBL server will list the IP)