[1st ANNOUNCEMENT] Virus-Filter/Blocker

All new Directadmin exim configs come with the Spamblocker but I have it turned off.

I have setup manually to block in exim.conf based on the 2 blacklists: ordb.org and spamhaus.org both of which rarely false and have clear listing policies.

#ACLs
deny dnslists = relays.ordb.org : sbl-xbl.spamhaus.org
message = rejected because $sender_host_address is in the blacklist at $dnslist_domain\n\ ($dnslist_text)

I do not trust blocking based on any other blacklists. I prefer using Spamassassin to score each message and give the end email user the option to keep or toss messages.
Click to expand...


Matthew - this is good and timely info to share as I have just had to disable spamblocker after too many very frustrating false positives.

The downside of turning spamblocker off is yesterday we received alot of spam that would have been blocked but frankly it was worth it as we had no false positives.

I'm sure spamblocker could be edited to only include those two lists? I know Spamblocker gives people the option to be whitelisted but only if they read and understand the error message in the email. I think it would be better to amend the subject line with something like 'Your message to - insert email address - was spamblocked!'

I'll be testing your suggestion over the next few days.. and will post how it gets on...

Thanks!

Rob
 
Last edited:
Originally posted by matrixx
Matthew - this is good and timely info to share as I have just had to disable spamblocker after too many very frustrating false positives.
Click to expand...
Please send me, preferebly by email, some details of the false positives; if you can give me the IP#s of the sending servers perhaps we can figure out which list is creating the false positives and stop using that list. Or perhaps we can create a whitelist for certain senders. We do want SpamBlocker to work well. Unfortunately we can only go by our own experience if you and others don't give us details of yours.
I'm sure spamblocker could be edited to only include those two lists?
Click to expand...
Absolutely.
I know Spamblocker gives people the option to be whitelisted but only if they read and understand the error message in the email.
Click to expand...
SpamBlocker doesn't send an email. It notifies the sending server why it's blocking receipt of the email, and it's the sending server's responsibility to send the email explaining why it couldn't deliver the email. Some do a better job than others.

We agree with you completely about not wanting false positives. But we also believe that people stand a better chance of getting their blocked email finally delivered than their filtered email, since most people who get a lot of email eventually stop reading their email that's been filtered and marked as spam, but simply delete it because there's so much of it.
I think it would be better to amend the subject line with something like 'Your message to - insert email address - was spamblocked!
Click to expand...
Great idea. But we can't implement it, because we don't send an email. If you think about it, we can't send an email, since we have no idea if the return address is correct. If we sent an email, then better than nine times out of ten we'd be spamming innocent parties.

And unfortunately I don't think you'll ever convince hundreds of thousands of administrators of hundreds of thousands of email servers, to change their error messages.

If you help me identify the bad lists, I'll be glad to adjust what we use in SpamBlocker.

Jeff
 
Hi Jeff,

Thanks for this - I'll work through the stuff over the weekend and email you.

Off the top of my head the list was one of the ones blocking the nameservers not the IP's - I'll try to dig out the other details.

Rob
 
Last edited:
Any update on Virus blocker? My DA servers are not in production yet so I am not in a rush. I don't want to bother with Mailscanner if I don't have to.
 
I posted I think already a few mails about my idea and nobody seems to reply on it. I don't understand it, because i think it's the 'ultimate' for the client. The client is afraid that he or she is losing there e-mail by blocking everything. But to receive every e-mail, tagged or not, is stil as anoying as a mail adres without a spam/virus checker.

I'm looking for a configuration that it wil move the spam/virus mails to a separete folder in the IMAP server so people can log in on there webmail en eventualy find e-mails if they want to. Then they can move it to the inbox and they wil receive it. This way only 'clean' mail wil be received bij the client en if they want to browse there infected e-mail it's also no problem.

And then ofcourse you should consider to delete the e-mail after 30 day's or something, but that's part 2 of the problem.

What do you all think?
 
I'm not sure what you are asking here. From what I see of the new DA SA user interface, there is the option to send the spam to a seperate spam folder. Isn't this what you are asking about? Question is, how does one access this folder now?? Anyone know?
 
bvvelzen said:
I'm looking for a configuration that it wil move the spam/virus mails to a separete folder in the IMAP server so people can log in on there webmail en eventualy find e-mails if they want to.
Click to expand...
This is probably the wrong thread to look for that in, as neither my VirusBlocker nor SpamBlocker products will ever filter emails into directories (sometimes called folders by Microsoft). They can't, since they don't accept the email onto the system in the first place. You can't filter email you don't have.

Jeff
 
rldev said:
I'm not sure what you are asking here. From what I see of the new DA SA user interface, there is the option to send the spam to a seperate spam folder. Isn't this what you are asking about? Question is, how does one access this folder now?? Anyone know?
Click to expand...
I don't know anything about the new server interface at all, as I haven't loaded the latest DA at all. I'm hoping to get it loaded on my testbed this morning.

What's stopped me so far is I haven't read any posts announcing or explaining the new SpamAssassin interface. I use the "new posts" search to read all the messages on the forum. Are there posts here on the forums I've missed?

Thanks.

Jeff
 
Everything :D .

I'm going to finish a new DA install on a testbed server today.

Once I do that, do I have to make any changes to exim.conf for it to work? There's a post in the HowTo section that makes me believe I might.

How about when I update old systems to the latest version of DA. Do I then have to change something in exim.conf to make it work?

I need to know because I need to change the master exim.conf file.

Was there a post or a series of posts somewhere that I've missed, which explains the new implementation of SpamAssassin?

I haven't seen any posts on it.

Thanks.

Jeff
 
I do not believe you need to make any changes to the Exim conf when you update DA and follow their instructions to install SA. I know I made no modifications at all.

Da's SA interface is pretty good. It allows the cp owner to set SA threshold value.

White and Black listing of email addresses.

Options to move Spam tagged Mail to a spam folder, delete, or pass through.

You can customize the Spam Tag.

Other Delivery Options:

Don't use attachments (dangerous)
Use attachments.
Use text-only attachments

All and all a good interface. They should really consider changing the name to something likw Spam Tools and include a UI to your SpamBlocker. I think this is very important. I'm kind of surprised they didn't do this considering they made SpamBlocker available in the Exim.conf. Per haps they will get around to this in the next release. Good work overall though. All we need is to get VirusBlocker integrated into all of this. It will offer a easy to use and powerful Spam/Virus Tools.
 
rldev said:
I do not believe you need to make any changes to the Exim conf when you update DA and follow their instructions to install SA.
Click to expand...
Where did they offer any instructions for installing SA? Is there a thread? Do they somehow pop up somehow when you follow their instructions? This is the part I'm missing.

We ran into a few problems over the weekend doing a clean DA install on CentOS on our testbed, and haven't seen the new SA setup yet :(.
All and all a good interface. They should really consider changing the name to something likw Spam Tools and include a UI to your SpamBlocker.
Click to expand...
I agree that they can and probably should do it.

If we're left to do it two things will occur:

1) We'll do it externally to the skins system, as a completely separate login (but using the same user, reseller and admin passwords) since I don't want to get involved in having to update skins as often as DA comes out with revisions.

2) We'll probably make a (hopefully reasonable) charge for it, since we'll be making a commitment to maintain it.

Jeff
 
Yeah I'm bummed that there's no interface for the spamblocker. They do have a similar block by email address or domain in the spamassassin configure but they must understand that the processor resources get sucked by spamassassin when they really don't need to. That is the beauty of spamblocker in theory.

As for the SA install look http://help.directadmin.com/item.php?id=36
 
The commercial version will be available to advance purchasers by the end of this month. It will probably be available in raw exim.conf form shortly thereafter; certianly by the end of the year.

Jeff
 
For commercial product info please contact me privately at the email address in my sig.

Thanks.

Jeff
 
It's been a while now since the last update on news on the development of virus blocker. I'm slightly confused as to what the plans are for this software following some of the threads of this forum. Are there any further developments?

Questions that come to mind are:

1) Is this product going to be available this year?


2) Are there two products. A commercial and a free edition? If so what is the eta release dates for each of these.




regards

Jon
 
You must log in or register to reply here.
Back
Top