Closed TopicStart new topicStart Poll

> How Anti-Spam Tests work .., Your mail rejected ? Read why !
hschneider
Posted: Jun 24 2004, 01:54 PM
Quote Post


No - I'm not an answering script ...
Group Icon

Group: Admin
Posts: 6631
Member No.: 195
Joined: 19-June 02



This is a list of the tests which some of the most paranoid servers out there will run against you:

QUOTE

With your server's IP:
Query DNS for PTR record of ip (reverse lookup)
Does the PTR record exist?
No: reject mail.
Does the PTR record refer to the HELO / EHLO hostname?
No: reject mail.
Does the ip address's "PTR hostname" have an A record??
No: reject mail.
Does the ip address's "PTR hostname" have an MX record??
No: reject mail.
Is the ip address in Mail-Abuse.org's MAPS databases of black-holes, open-relays, or dial-ups?
Yes: reject mail.
Is the reverse delegation the existent and/or correct?
No: reject mail.

With the HELO / EHLO hostname:
Does the hostname resolve to an A record?
No: reject mail.
Does the hostname resolve to an MX record?
No: reject mail.
Is the hostname a FQHN: Fully Qualified Host Name ?
No: reject mail.
If there is an A record, is the ip address in Mail-Abuse.org's MAPS databases of black-holes, open-relays, or dial-ups?
Yes: reject mail.

With the MAIL FROM: @senderdomain:
Does the senderdomain resolve to an A record?
No: reject mail.
Does the senderdomain resolve to an MX record?
No: reject mail.
Is the senderdomain a FQHN: Fully Qualified Host Name ?
No: reject mail.
If there is an A record, is the ip address in Mail-Abuse.org's MAPS databases of black-holes, open-relays, or dial-ups?
Yes: reject mail.


How to harden your XMail server for this:
- Make sure, that HeloDomain in your server.tab contains a registered domain name and can be resolved by a RDNS query. See http://dnsstuff.org for some useful utilities.
- If your are on a dynamic IP range, delgate outgoing mails to your ISP's SMTP via smtpfwd.tab.

If you run your own DNS:
Make sure your DNS has been delegated with reverse authority for your ip blocks by a higher, wider authority DNS.
If your DNS is delegated with reverse zone authority, make sure your reverse zone is setup perfectly, at least for the ip addresses of your mail servers.
Check your reverse zone: Is it, or is it not, working? If you get no results or the results are not what you put in your db. reverse zone file, then your reverse zone is broken.

For every domain in your DNS, make sure the zone files contain at least these records:

$ORIGIN mydomain.com.
@ A ip.ad.re.ss
@ MX 10 mailhost.domain.com.

For every mail host (real and virtual) in your DNS, make sure the zone files contain at least these records:

$ORIGIN somedomain.com.
mailhost A ip.ad.re.ss
@ MX 10 mailhost.somedomain.com.
mailhost MX 10 mailhost.somedomain.com.

Also read this:
http://www.faqs.org/rfcs/rfc1912.html

If you have a dynamic IP address:
Then many servers will classify your mails as SPAM. Use smtpfwd.tab to delegate the sending task to a server on a fixed IP (your ISP's SMTP?). If this erver requires SMTP auth, then you'll have to setup MailRoot/userauth/smtp/name_of_forwarding_server.tab
See chapter USERAUTH in the XMail manual for details.

You have checked all this but you are still in trouble?
Use XQM ( http://xmail.marketmix.com ) to examine frozen messages in your mail queue. This will give you hints about the reason why deliver failed. In most cases a remote server's reply contains additional infos why a message was rejected.


--------------------
Bye,
Harald


-- Download XMail Queue Manager 1.46 NOW: XMail Server Tools
-- Cross platform remote queue management!
-- Message analyzing on the fly!
-- Builtin diagnostics knowledge base!
-- Manages multiple mail queues!

Sponsored by
CD-Produktion und DVD-Produktion and Homestaging Saarland - Immobilien schneller verkaufen in der Region Saarland, Rheinland-Pfalz und Luxembourg
PMEmail PosterUsers Website
Top
hschneider
Posted: May 21 2005, 12:23 AM
Quote Post


No - I'm not an answering script ...
Group Icon

Group: Admin
Posts: 6631
Member No.: 195
Joined: 19-June 02



AOL has added the obviously most psychotic test out there:

If your message content contains a mailformed URL, it will be rejected !
See http://postmaster.info.aol.com/errors/554hvunr.html for details.

E.g. http://www.marketmix.com will be accepted but http://www.marketmix.com/ will not !

Hope they will take this one offline soon ...


--------------------
Bye,
Harald


-- Download XMail Queue Manager 1.46 NOW: XMail Server Tools
-- Cross platform remote queue management!
-- Message analyzing on the fly!
-- Builtin diagnostics knowledge base!
-- Manages multiple mail queues!

Sponsored by
CD-Produktion und DVD-Produktion and Homestaging Saarland - Immobilien schneller verkaufen in der Region Saarland, Rheinland-Pfalz und Luxembourg
PMEmail PosterUsers Website
Top
hschneider
Posted: May 21 2005, 12:26 AM
Quote Post


No - I'm not an answering script ...
Group Icon

Group: Admin
Posts: 6631
Member No.: 195
Joined: 19-June 02



The complete list of AOL's anti-spam tests can be viewed here:

http://postmaster.info.aol.com/errors/

This is very interesting, because many of these rules are adopted by other servers out there.


--------------------
Bye,
Harald


-- Download XMail Queue Manager 1.46 NOW: XMail Server Tools
-- Cross platform remote queue management!
-- Message analyzing on the fly!
-- Builtin diagnostics knowledge base!
-- Manages multiple mail queues!

Sponsored by
CD-Produktion und DVD-Produktion and Homestaging Saarland - Immobilien schneller verkaufen in der Region Saarland, Rheinland-Pfalz und Luxembourg
PMEmail PosterUsers Website
Top
0 User(s) are reading this topic (0 Guests and 0 Anonymous Users)
0 Members:
« Next Oldest | Documentation and Knowledge Base | Next Newest »

Closed TopicStart new topicStart Poll