Mail unjustly marked as SPAM because of PBL database

Wanabo

Verified User
Joined
Jan 19, 2013
Messages
170
I have a hobby home server which has a dynamical ip. Any system messages I mail to an email account hosted on 1 of my servers using DirectAdmin and SpamAssassin get marked as spam. :(

I think SpamAssassin checks a wrong RBL.
My public ip is in a so called PBL database which is NOT a blacklist!
Then why is SA checking this list?
Can I exclude it?

https://www.spamhaus.org/pbl/removal/
THE PBL IS NOT A BLACKLIST. You are not blacklisted for spamming or for anything you have done. The PBL is simply a list of ALL of the world's end-user broadband IP space, i.e: IP space normally assigned to broadband/ADSL customers. It is perfectly normal for dynamic IP addresses (DSL, DHCP, cable, dialup) to be listed on the PBL. In fact all IP addresses in the world which are not designated mail server machines *should be* on the PBL.

From my received email:
Content analysis details: (5.2 points, 5.0 required)

pts rule name description
---- ---------------------- --------------------------------------------------
3.6 RCVD_IN_PBL RBL: Received via a relay in Spamhaus PBL
[xxx.xxx.xxx.xxx listed in zen.spamhaus.org]
0.0 TVD_RCVD_IP Message was received from an IP address
1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,
https://senderscore.org/blacklistlookup/
[xxx.xxx.xxx.xxx listed in bl.score.senderscore.com]
0.4 RDNS_DYNAMIC Delivered to internal network by host with
dynamic-looking rDNS
For Spamhaus it is relatively easy to get removed from the blacklist, it just takes some effort. But doing this weekly gets annoying.
Senderscore should be removed from SpamAssassin all together, because they want to know to much from me before I can get to a form where I can request to be removed from a blacklist.

But being removed from Spamhaus is enough to lower the spamrating and enjoy uncrippled email messages again.
 

Richard G

Verified User
Joined
Jul 6, 2008
Messages
4,387
Location
Maastricht
I have a hobby home server which has a dynamical ip. Any system messages I mail to an email account hosted on 1 of my servers using DirectAdmin and SpamAssassin get marked as spam.:(
There is your issue. You should not try Directadmin to remove things from spamassassin as the things you mention are just part of the fact that it works and stops spam.
Directadmin is not ment to be used in a home environment to begin with.

Next to that, Spamhaus is not the only one which puts dynamic ip's on a default blacklist. Many big providers like UPC, KPN and Ziggo in the Netherlands for example do this also by default, to prevent their users from being able from sending spam. Because in the past this caused their ip's being blacklisted in spamlists, causing all their customers not to be able to send mail anymore.
Also, many mailservers are set up that they don't accept mail from dynamic ip adresses, so even if you could find a way around, a lot of your mail would be blocked before it could reach the recipient.

So if you want to have your own mailserver at home, the solution is to have your mailserver send outgoing mail through the smtp server of your provider.
In that case your problem of the blacklist is gone.
Maybe you should read a bit about mailservers and RFC's. ;)

Anyway, your solution is not to change things to Spamassassin but to use your ISP's smtp server as mailrelay for your mailserver.
 

Wanabo

Verified User
Joined
Jan 19, 2013
Messages
170
The hobby home server uses CWP not DirectAdmin. (Although I keep an eye here on the forums to get my hands on a cheap DA license).
The root emails from this hobby home server go to an email account on a server with DA and SA.

My point is: PBL is not a blacklist so it should not be used by SA.

So if you want to have your own mailserver at home, the solution is to have your mailserver send outgoing mail through the smtp server of your provider.
That worked with Webmin, but with CWP I cannot find these settings. But your remark made me search for an solution to edit postfix/main.cf directly. I'm going to explore that. But nevertheless PBL is not a blacklist so it should not be used by SA!
 

Richard G

Verified User
Joined
Jul 6, 2008
Messages
4,387
Location
Maastricht
(Although I keep an eye here on the forums to get my hands on a cheap DA license).
There were (and I thought there still are) a couple for $ 150,- which is cheap.

My point is: PBL is not a blacklist so it should not be used by SA.
Well I don't agree. Anti spam measures are not done by using blacklists only. It's a variation of things. Spamassasin can also use Pyzor/Razor which is not a blacklist either.;)
Also these lists where dynamic ip's are resided, belong to anti spam measures, so IMHO it's a good thing that spamassassin checks them.

I'm sorry, I don't know all shorcuts. So I don't know what CWP stands for.

Postfix? Ah I've used that too in the long past.
relayhost = smtp.yourisp.com:25
that should do the trick. There are also possibility's using port 587 and authentication or maybe port 465. But if you want that I'm sure you can find that on Google.
 

Wanabo

Verified User
Joined
Jan 19, 2013
Messages
170
I explored your suggestion yesterday and found the solution also.

I added this to the bottom of main.cf
Luckily I don't need authentication for the smtp which makes it very easy.
Now I'm using the smtp from my ISP, but their mailserver also uses RBL lists / spam checks. But the rating is now much lower. So for the time being, if my sender score is not increased, I'm using this.

Thanks for your assistance. Groetjes Wim.
 

Richard G

Verified User
Joined
Jul 6, 2008
Messages
4,387
Location
Maastricht
Correct, your ISP is also using RBL lists which is quite normal.
However, they are prepared to accept mail from your dynamic ip, since you are their direct customer.

I love postfix and had a mailserver with it for years. But since I've got the DA servers I decided to run my domains on my own servers, which is more efficient and saved money for electricity running a server at home. A NAS is a lot cheaper with electricity costs. :D

For my help, you're welcome.
If you have more or other questions, vraag maar effe op je ziggo gebruikers deel of per mail of zo.

Groetz, Richard. ;)
 

Wanabo

Verified User
Joined
Jan 19, 2013
Messages
170
Hm, all of this wouldn't have to be necessary if the DA / user / spamassassin setup / whitelist had worked.
Does the whitelist not accept wildcards?
The problematic sender email was whitelisted!!
Like so: *@problememailadres.org
 

Richard G

Verified User
Joined
Jul 6, 2008
Messages
4,387
Location
Maastricht
RBL's are checked at connection level by Exim.
If you only send mail to your DA server, it should be working with whitelist indeed. But whitelisting is for Exim if I'm not mistaken. If Spamassassing is also checking RBL's, then I'm not sure if that will work.

The problematic sender email was whitelisted!!
Like so: *@problememailadres.org
That looks more like a domain.

First of all... wildcards don't work in whitelists.

So you might consider to use the /etc/virtual/whitelist_domains and add en entry like:
problemdomain.org

You might also try the whitelist_from option too like:
foobar@problemdomain.org

If you're running Easy Spamfighter on your DA server you could also use:
EASY_SKIP_HOSTS = /etc/virtual/esf_skip_hosts
However, since you're on a dynamic ip at home, the whitelist_from and/or whitelist_domain should be sufficient too.
Remember to restart Exim after making the changes.
 
Top