IT_Architect
What I would like to see are:
- Find or write software that minimizes DMARC's vulnerabilities. To get a true picture of how easy it is for a spammer or scammer to get around DMARC and even use it to his advantage, see Breaking DKIM - on Purpose and by Chance.
- A procedure or script for CB 2.0 to easily turn off unencrypted E-Mail access so users don't compromise their credentials at hot spots with their mobile devices.
- Add to the documentation for SpamBlocker
A. How to configure your resolv.conf and system to ensure you use the public address of your own BIND servers or to select one without much traffic so that it doesn't go beyond the limits of the RBL and cut you off.
B. Who you are using for RBLs or at least where to find it, which ones are free, which require registration, which ones cost money for commercial purposes, and fix the mistakes in the documentation on how to add or remove entries from the RBL_DNS_LIST for CB 2.0. What I currently see in the exim.conf are these:
RBL_DNS_LIST=\
cbl.abuseat.org : \ <-- "The CBL is still firmly committed to free access to small and medium sized organizations. See Terms of Service" Then it goes on to say, CBL is now a division of the Spamhaus Project. In the meantime, you may wish to familiarize yourself with the Spamhaus DNSBL Usage Terms and contrast "Free usage" versus "Professional usage". Do NOT use this with SpamHaus.org products because they use the same database. This is the free-for-commercial-use version of zen.spamhaus.
bl.spamcop.net : \ <-- "If you use the blocklist and like it, please feel free to make a donation... This one started out independent, then IronPort Systems bought them for their anti-spam hardware appliance, after which Cisco bought them. It works by keeping track of at-a-boys and aw-craps. When the aw-crap score exceeds the at-a-boy score, you end up on their RBL. There is no manual way off. You have to fix where the aw-craps are coming from, and it will clear itself in approximately 48 hours.
b.barracudacentral.org : \ <-- Free with registration: and Barracuda Reputation Block List (BRBL) – How to Use They are probably the most highly respected company for their Anti-Spam hardware appliances, which is also one source of their information that they put a lot of trust in. You can request removal here with valid reasons as to why they should remove you, such as compromised account re-secured.
zen.spamhaus.org <-- Free for non-commercial use only. "You should not use ZEN together with other Spamhaus IP blocklists, or with blocklists already included in our zones (such as the CBL) or you will simply be wasting DNS queries and slowing your mail queue." So from this, it seems like CBL is giving away Spamhaus for free, at least for the time being. However, this didn't make a lot of sense so it kept bothering me. I was right. Spamhaus needed CBL. CBL specializes in "IP addresses exhibiting characteristics specific to open proxies, spamware, malware downloaders, botnets and the like." Spamhaus markets this as XBL (Exploits Block List) as part of Spamhaus, but not separate as CBL is. Therefore, Spamhaus includes CBL, but CBL does not include all of Spamhaus.
With this information we know the stock RBLs in exim.conf don't make sense. CBL is free, and Spamhaus is not. If you use Spamhaus, don't use CBL, so the list of RBL defaults, as-is, is a problem. People need to know they need to register with, and set up the IPs with, Barracuda. Thus, I opened /etc/exim.conf, copied the RBL_DNS_LIST, made a new /etc/exim.variables.conf.custom file, and copied the RBL_DNS_LIST into it so it looked like this:
Code:
RBL_DNS_LIST=\
cbl.abuseat.org : \
bl.spamcop.net : \
b.barracudacentral.org : \
zen.spamhaus.org
then made it a double ==, and dropped zen.spamhaus.org so it looks like this:
Code:
RBL_DNS_LIST==\
cbl.abuseat.org : \
bl.spamcop.net : \
b.barracudacentral.org
Then
Code:
# cd /usr/local/directadmin/custombuild
# ./build exim_conf
.
.
.
Enabling Easy Spam Fighter...
Easy Spam Fighter is now enabled.
Restarting exim.
Shutting down exim: [ OK ]
Starting exim: [ OK ]
A common theme in the Terms of Service is:
As a matter of best practise, you MUST NOT bounce (accept then queue up separate email to the sender), but instead reject (issue SMTP rejection inline). This largely prevents your filters mail bombing the victims of forgery.
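The overlap check described in the post above, as an added example that is not part of the original post and is not DirectAdmin or Exim code: it parses an RBL_DNS_LIST definition, flags a zone whose data is already inside another listed zone, and builds the DNS name a DNSBL lookup resolves. The function names and the `INCLUDED_IN` table are assumptions made for illustration; the table holds only the CBL/ZEN overlap from the Spamhaus statement quoted in the post.

```python
import ipaddress

# Overlap taken from the Spamhaus statement quoted in the post:
# ZEN already includes the CBL data, so listing both wastes DNS queries.
INCLUDED_IN = {"cbl.abuseat.org": "zen.spamhaus.org"}

def parse_rbl_list(text):
    """Return (zones, redefines) from an RBL_DNS_LIST definition.

    Handles backslash line continuations and the colon-separated list;
    redefines is True for the '==' form the post uses in its custom file
    (Exim's syntax for redefining an existing macro).
    """
    joined = " ".join(line.rstrip().rstrip("\\") for line in text.strip().splitlines())
    name, sep, value = joined.partition("=")
    if name.strip() != "RBL_DNS_LIST" or not sep:
        raise ValueError("not an RBL_DNS_LIST definition")
    redefines = value.startswith("=")
    zones = [z.strip().lower() for z in value.lstrip("=").split(":") if z.strip()]
    return zones, redefines

def redundant_zones(zones):
    """Zones whose data is already covered by another zone in the same list."""
    return [z for z in zones if INCLUDED_IN.get(z) in zones]

def dnsbl_query(ip, zone):
    """Name a DNSBL lookup resolves for an IPv4 address: reversed octets + zone."""
    addr = ipaddress.IPv4Address(ip)  # raises ValueError on malformed input
    return ".".join(reversed(str(addr).split("."))) + "." + zone

# The two lists from the post, embedded as sample input.
STOCK = """RBL_DNS_LIST=\\
cbl.abuseat.org : \\
bl.spamcop.net : \\
b.barracudacentral.org : \\
zen.spamhaus.org"""
CUSTOM = """RBL_DNS_LIST==\\
cbl.abuseat.org : \\
bl.spamcop.net : \\
b.barracudacentral.org"""

if __name__ == "__main__":
    for label, text in (("stock", STOCK), ("custom", CUSTOM)):
        zones, redefines = parse_rbl_list(text)
        print(label, "redefinition" if redefines else "definition", zones,
              "redundant:", redundant_zones(zones))
    # 192.0.2.10 is a documentation address (constructed sample).
    print(dnsbl_query("192.0.2.10", "bl.spamcop.net"))
```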