You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 6 Next »

I'm an ISP, and mails from our dialups are hitting RCVD_IN_DYNABLOCK.

RCVD_IN_DYNABLOCK refers to the Dynablock list, which lists IP addresses that should not be sending mail directly to another server, without passing through a "smarthost" outgoing relay. SpamAssassin gives this a small positive score.

If you're running SpamAssassin as an ISP, your dialup pools may be listed in Dynablock. In this case, your host is the "smarthost" – but it's also where SpamAssassin is running. So even if your customers are doing the "right thing", relaying via your host, they'll get hit – because as far as SpamAssassin can tell, a mail from a Dynablock-listed IP address is being sent to the scanner, without passing through a "smarthost" on the way. It doesn't know that they're your dialup pools.

The way around this is to get SpamAssassin to "trust" the dialup IP pool's addresses, so that they're exempted from the Dynablock test. e.g., if your dialup pools use the IP range 10.222.111.0-255, add this line:

trusted_networks 10.222.111/24

in /etc/mail/spamassassin/local.cf .

To specify multiple trusted networks, add multiple "trusted_networks" lines.

I'm an ISP, and mails from our customers, using authenticated connections from another ISP, are hitting RCVD_IN_DYNABLOCK.

This is another Dynablock-related issue. If:

  • 1. your customer opens an authenticated SMTP connection to your "smarthost" from a Dynablock-listed dialup pool,
  • 2. and you're running SpamAssassin on that "smarthost" machine,
  • 3. and the message is to be delivered to a local recipient on that machine,

then their message will still be hit by RCVD_IN_DYNABLOCK, because it's an SMTP connection from a DYNABLOCK-listed host, directly to your mail server. SpamAssassin doesn't know that it was an authenticated connection.

To avoid this, you should add a custom, local rule which matches the Received header format which your mailserver adds for successfully-authenticated connections. For example, if your mail server adds this line for an authenticated client:

  Received: from 192.168.2.125 (CPE0004e24b9419-CM000a7365d82c.cpe.net.cable.rogers.com
      [63.139.187.25]) (authenticated (0 bits)) by services04.student.cs.uwaterloo.ca
      (8.11.7/8.11.7) with ESMTP id hA41X1B23955 for <recipient@example.org>; Mon,
      3 Nov 2003 20:33:03 -0500 (EST)

Then you should define a rule like this:

  header LOCAL_AUTH_RCVD    Received =~ /\(authenticated \(\d+ bits\)\) by services04\.student\.cs\.uwaterloo\.ca /

Note the use of your server's hostname, so that spammers cannot fake the data without knowledge of your server's header format and so on.

  • No labels