Re: [PLUG] spamassassin help: create a rule to score by sender TLD

Rich Kulawiec on 23 Oct 2016 17:49:07 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] spamassassin help: create a rule to score by sender TLD

From: Rich Kulawiec <rsk@gsp.org>
To: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>
Subject: Re: [PLUG] spamassassin help: create a rule to score by sender TLD
Date: Sun, 23 Oct 2016 20:49:01 -0400
Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
Sender: "plug" <plug-bounces@lists.phillylinux.org>
User-agent: Mutt/1.5.23 (2014-03-12)

On Wed, Oct 19, 2016 at 11:27:08AM -0400, Greg Helledy wrote:
> I tried to reply to your email, but my server is not allowed to write to
> you:

That may (or may not) be because DNS for your mail server is configured
incorrectly.  In particular, your mail server fails FCrDNS:

	% host 23.91.125.37
	37.125.91.23.in-addr.arpa domain name pointer grainc.arvixevps.com.

	% host grainc.arvixevps.com
	grainc.arvixevps.com has address 192.169.58.126

In some cases, this will cause mail from your host to be rejected.
(It will here, because the check for it is switched on in the MTA's
configuration.  This has been a best practice for over a decade.)

In others, it will cause mail to deferred, or quarantined, or scored
higher on a not-spam/spam scale, or discarded.  (Note: not that I
necessarily agree with all of these, because I don't, but they are
things that are possible outcomes as you present mail to various
recipient mail systems, each of which will make its own decision
based on your DNS misconfiguration.)

Also, in re this:

> We're on a VPS, which spammers like to use, so it's not surprising that
> other IPs in our block would be on blacklists. Nothing I can do about
> that, unfortunately.

Yes. There is.  Move somewhere else.  If spammers like to use this particular
VPS, as you say they do, then there are only two possibilities:

	1. The VPS provider knows this.
	2. The VPS provider does not know this.

If it's (1), then the VPS provider is knowingly accepting dirty spammer
money.  Is this unethical company one you want to do business with?

If it's (2), then the VPS provider is incompetent: they're unable to
stop their own operation from being abused, which is ridiculous and
pathetic.  Is this incompetent company one you want to do business with?

As an aside, your IP address is presently on the AHBL, but not on
any of the other major DNSBLs that I just checked.  However, I made
only a cursory survey and not an exhaustive one, so it's entirely
possible you're listed by some of the hundreds of others that I
didn't bother checking.

---rsk
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

References:
- Re: [PLUG] spamassassin help: create a rule to score by sender TLD
  - From: Greg Helledy <gregsonh@gra-inc.com>

Prev by Date: Re: [PLUG] Egress filters & monitoring
Next by Date: Re: [PLUG] spamassassin help: create a rule to score by sender TLD
Previous by thread: Re: [PLUG] WAS: spamassassin help: create a rule to score by sender TLD Now: Email support
Next by thread: Re: [PLUG] spamassassin help: create a rule to score by sender TLD
Index(es):
- Date
- Thread