Koozali.org: home of the SME Server
Obsolete Releases => SME Server 7.x => Topic started by: ianhobson on May 15, 2008, 10:58:13 AM
-
Hi,
I've set up SME 7.3 as firewall and mail server, and all is working fine for internal people.
Their probable spam is marked by altering the subject line, and their certain spam is discarded. Brilliant.
I have a single external user who collects her mail via POP3s.
She appears to have no spam filtering at all. :(
How can I set up her filtering to be the same as everyone else's?
Thanks for your input.
Ian
-
If you mean that the external user picks up the email by pop3s to the SMEServer, then there is no reason why the email should not be filtered as for all other mail received by the SMEServer. There is functionally (as far as I am aware) no difference between an internal and external pop3 client.
What makes you think the email is not filtered?
-
What makes you think the email is not filtered?
1) My external user is collecting email from one account only.
2) She is getting 10 spam to every real email.
3) I've checked, and they are real spam.
4) They do not have ***SPAM*** in the subject lines.
And yes - I do mean that she is collecting from the SME server using POP3s.
I also can find nothing that would explain it.
Ian
-
Have you looked at the headers to see if there is any sign of spam checks and a score assigned?
If you open the message in Webmail you can click Show all headers at the top of the message.
-
Yes. From memory there is no evidence of spamassassin handling the mail.
I'll check again later (when there is fresh spam) and report for definite.
Thanks for your reply mercyh
Ian
-
I should look something like this:
X-Spam-Check-By: MyDomain.com
X-Spam-Status: No, hits=-2.4 required=5.0 tests=BAYES_00,HTML_IMAGE_RATIO_04,HTML_MESSAGE
X-Virus-Checked: Checked by ClamAV on Mydomain.com
It will still have these headers even if it is not spam.
-
The puzzle gets more confusing. :?
The spam shows that it was accepted by my Demon server. This is set up to forward
the mail to the account (on a different domain) on my SME server.. However....
There is no trace of the exchange between my demon server (or any demon mail server), and
the SME box. Nor of the POP3s exchange between SME and the user's machine. - Very odd.
There are no X-Spam-Check-By , X-SPam-Status or X-Virus-Checked headers (as shown by Thunderbird).
I have treble checked. There are two mail accounts on the user's machine, the new one she is using and an old one
to my demon server that is disabled. Not only has the old account been disabled by turning off all automatic attempts
to collect mail, I have changed the user name, so it cannot work. Forcing its use, prompts for the password.
But I am still suspicious. The spam just received was dated in mid March and early April. Could it have arrived back then and only now
appeared? If so, it would have been handled by the demon server directly and that would agree with the headers.
I don't know if it is relevant but user reports that she often has "server cannot be reached" errors. She tries again
and gets through. I put this down to slow DNS.
I have checked and her machine resolves the external name of the SME server to the correct IP.
And the SME server's POP3s logs show here coming in at about the times we thought.
Ideas anyone? I'm stumped.
Ian
-
ianhobson
I have a single external user who collects her mail via POP3s.
She appears to have no spam filtering at all.
How can I set up her filtering to be the same as everyone else's?
What filtering is it that you expect to happen with her POP acct ?
Mail will only be tagged if that's how you have setup the spam filter in the server manager panel.
There won't be any filtering to a junkmail folder apparent, unless you enable IMAP account/folders for her also, as then she will be able to see spam in the junkmail IMAP folder.
How is mail getting into her user account, is her account a standard user on the sme server who receives smtp mail sent to the server at user@yourdmain.com ?
-
I am having a hard time following your setup.
Does all the mail for all your users go first to the server you call Demon and then get forwarded to the SME for delivery to the users or is this unique to the external user?
One thing I would try.
Set your external user's e-mail client to leave the mail on the server for X days (5-10). When the user reports suspicious mail you log onto the user's mailbox with webmail and see if that mail is on the SME server. Check the headers and see where it is coming from and any other information you can glean. This will eliminate the question of whether it is actually being delivered through the SME or not. (you will of course need to have the user's password for this.)
-
Thanks for your replies mercyh and mary.
Yes - the mail goes to a virtual server I rent from demon internet, which forwards it to an account on my SME server.
The MX records and Name server the Virtual server, give my firewall an external IP (which I have to change every time I get given a new IP address which is every 18 months or so - its not a problem).
Further digging using mercyh's idea - thanks mercyh - has shown that mail for my user is NO longer being forwarded by the ISP, but mail sent directly is arriving. I have not yet sent anything that has been filtered as spam.
I'm in the process of digging into the issue of the server that should be forwarding the mail and isn't. When the mail is forwarded we can test what happens with it.
Thanks for your help, both.
Ian
-
The final solution was deep in the ISP's server. :shock:
It appears that exim does not (in their installation) use the MX record to deliver mail if the domain is hosted locally
The fix was to remove the domain from sendmailrc
Thanks again for everyone's help.
Ian
I'm reminded of Asimov's remark about any sufficiently advanced technology is indistinguishable from magic.