Koozali.org: home of the SME Server
Obsolete Releases => SME Server 8.x => Topic started by: howard5091 on July 02, 2015, 08:39:14 PM
-
Hello,
I am looking for some assistance setting up my SME 8 server for optimum spam filtering. Currently we get slammed with spam, so I attempted to make some changes which caused more issues than it was worth. I made the below changes and it caused me to get this message "Technical details of permanent failure:
Google tried to deliver your message, but it was rejected by the server for the recipient ***.com
The error that the other server returned was:
550 v=spf1 a -all"
I was able to remove my changes from the config and I have the emails flowing again. My question is what do you see wrong with the below settings?
Thank you
SBLList=bogusmx.rfc-ignorant.org:multi.surbl.org:black.uribl.com:rhsbl.sorbs.net:bulk.rhs.mailpolice.com:fraud.rhs.mailpolice.com:por n.rhs.mailpolice.com:adult.rhs.mailpolice.com:ex.dnsbl.org
RBLList=bl.spamcop.net:combined.njabl.org:dnsbl.ahbl.org:dnsbl-1.uceprotect.net:dnsbl-2.uceprotect.net:list.dsbl.org:multihop.dsbl.org:psbl.surriel.com:zen.spamhaus.org
-
Hi,
think we need a bit more information here.
Can you give a simple point list of what you did please ?
Hello,
I am looking for some assistance setting up my SME 8 server for optimum spam filtering. Currently we get slammed with spam, so I attempted to make some changes which caused more issues than it was worth. I made the below changes and it caused me to get this message "Technical details of permanent failure:
Google tried to deliver your message, but it was rejected by the server for the recipient ***.com
The error that the other server returned was:
550 v=spf1 a -all"
Where were you sending to get the error 550 v=spf1 a -all ?? Out from SME or in from an outside address e.g. gmail ?
Do you use Google as your upstream smarthost for outgoing mail ? I saw this :
https://support.google.com/a/answer/178723?hl=en
Note the following from that page :
"Publishing an SPF record that uses -all instead of ~all may result in delivery problems. See Google IP address ranges for details about the addresses for the Google Apps mail servers."
Your error shows '-all' ? Not sure if it is related at all.
I was able to remove my changes from the config and I have the emails flowing again. My question is what do you see wrong with the below settings?
Thank you
SBLList=bogusmx.rfc-ignorant.org:multi.surbl.org:black.uribl.com:rhsbl.sorbs.net:bulk.rhs.mailpolice.com:fraud.rhs.mailpolice.com:por n.rhs.mailpolice.com:adult.rhs.mailpolice.com:ex.dnsbl.org
RBLList=bl.spamcop.net:combined.njabl.org:dnsbl.ahbl.org:dnsbl-1.uceprotect.net:dnsbl-2.uceprotect.net:list.dsbl.org:multihop.dsbl.org:psbl.surriel.com:zen.spamhaus.org
I think we need to figure out what is flowing in which direction first. The lists above are for blocking incoming mail.
Can you please post the output of
config show qpsmtpd
I believe you reset it as per your earlier thread but we should check, and we need to know what other changes you made.
B. Rgds
John
-
I am sorry that I was not more clear with my post. The issue was happening when I would send something from gmail or any other domain into our domain.
I hope that helps.
Thanks!
Ps. I will have to get you the config when I get back into work on Monday.
-
howard5091
You main issue appears to me to be:
Google does not trust the bona fides of your mail server.
Ask your ISP to setup a sender policy framework (SPF) entry for you, & then google will believe you when you say who you are when their mail server talks to your mail server.
Read about it in the sme server Manual Appendix.
Unrelated to the above:
Personally I think you have too many RBLs configured for blocking mail from various sites, you will for sure block some legitimate mail.
Those are old recommendations, search the FAQ for the "conservative" settings (with lesser RBLs).
To help stop incoming spam you should also enable executable content blocking in server manager Email panel, at least block ZIPv1 files, you will/should then see a huge reduction in spam, as many email messages contain viruses etc pretending to be zip files & the messages purport themselves to be ham but are really spam.
-
Ps. I will have to get you the config when I get back into work on Monday.
No probs. Away myself til then !!
B. Rgds
John