Results 1 to 10 of 28

Thread: zen.spamhaus.org RBL

Hybrid View

  1. #1
    Join Date
    Mar 2007
    Posts
    42
    Rep Power
    8

    Default zen.spamhaus.org RBL

    I recently followed the wiki advice located here...

    http://wiki.zimbra.com/index.php?tit...On_or_Off_RBLs

    Except instead of the listed RBL's, I just listed one, the Spamhaus Zen RBL which combines all their lists into one and is located at zen.spamhaus.org as follows...

    Code:
    zmprov mcf zimbraMtaRestriction reject_invalid_hostname zimbraMtaRestriction reject_non-
    fqdn_hostname zimbraMtaRestriction reject_non_fqdn_sender zimbraMtaRestriction 
     “reject_rbl_client zen.spamhaus.org”
    It did not give me any error messages and I rebooted the server. I expected to be given some indication in the admin interface that this was now active but I can't see anything different. Is there anything else I need to do to activate this RBL or is it now just silently working away?

  2. #2
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,587
    Rep Power
    58

    Default

    There is no indication other than the fact that you've enabled it.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    Join Date
    Mar 2007
    Posts
    42
    Rep Power
    8

    Default

    It doesn't appear to be working, I'm still getting connections from IP addresses listed in zen. I've followed the instructions to the letter, am I missing anything?

  4. #4
    Join Date
    Jun 2006
    Location
    Washington DC
    Posts
    124
    Rep Power
    9

    Default

    1. This ( WIKI you read ) is only meant to be used until DSPAM/SA got up to speed.
    As soon as they do ( week or two ), need to remove them as these RBL's are also being checked within SA.
    ( /opt/zimbra/conf/spamassassin/20_dnsbl_tests.cf to be exact )

    2. But to answer your question, for my server, I have to added/modified the following lines in /etc/syslog.conf ( make a copy first )

    mail.info -/var/log/mail.info
    mail.warn -/var/log/mail.warn
    mail.err /var/log/mail.err
    Then, /etc/rc.d/init.d/syslog restart

    This will give you the "Postfix" messages via the above files, so you can actually see what postfix is doing, since the WIKI referenced above tells Postfix to reject the message(s), not Zimbra MTA or SA or DSPAM.

    Some background: I am running FC4, may need to adjust for your flavor of OS.

    Hope this helps!

    Scotty

  5. #5
    Join Date
    Mar 2007
    Location
    Plymouth, uk
    Posts
    93
    Rep Power
    8

    Question zen.spamhaus.org not added to postfix conf

    I have also had problems with adding zen.sa - sbl works fine though! Is there a specific set of rbls that zimbra will allow?
    Running NE (4.5.6_GA_1044.UBUNTU6) on ubuntu 6.06

    I become the zimbra user, then:

    zmprov mcf zimbraMtaRestriction reject_invalid_hostname zimbraMtaRestriction reject_non_fqdn_hostname zimbraMtaRestriction reject_non_fqdn_sender zimbraMtaRestriction "reject_rbl_client zen.spamhaus.org" zimbraMtaRestriction "reject_rbl_client sbl.spamhaus.org"

    (yes, zen and sbl should not both be in the list, but this is to prove a point.)
    Now wait a few moments for zimbra to update the postfix config, just check that zimbra knows about it:

    zmprov gacf | grep zimbraMtaRestriction
    zimbraMtaRestriction: reject_invalid_hostname
    zimbraMtaRestriction: reject_non_fqdn_hostname
    zimbraMtaRestriction: reject_non_fqdn_sender
    zimbraMtaRestriction: reject_rbl_client zen.spamhaus.org
    zimbraMtaRestriction: reject_rbl_client sbl.spamhaus.org

    So zimbra has accepted the changes. Lets see what postfix thinks:
    postconf | grep smtpd_recipient_restrictions
    smtpd_recipient_restrictions = reject_non_fqdn_recipient, permit_sasl_authenticated, permit_mynetworks, reject_unlisted_recipient, reject_invalid_hostname, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_rbl_client sbl.spamhaus.org, reject_unauth_destination, permit

    Only sbl.spamhaus.org is added! Whats going on here?

    Of course previously I added just zen.sa and wondered why nothing seemed to be happening, and postconf would not show any changes at all. It only seems to accept sbl.

    Is this by design (only a predefined set of rbls are accepted), or is this some kind of wierd bug? Searching bugzilla for zen.spamhaus.org and spamhaus.org showed zarro bugs.

    Any ideas?

  6. #6
    Join Date
    May 2006
    Location
    USA
    Posts
    6,242
    Rep Power
    21

    Default

    A few things,
    -Be aware the sbl is already included in the zen
    -You can also enter them one at a time with +/-:
    Code:
    zmprov mcf +zimbraMtaRestriction "reject_rbl_client zen.spamhaus.org"
    -do a postfix reload - any change?

  7. #7
    Join Date
    Sep 2009
    Location
    Portland, Oregon USA
    Posts
    30
    Rep Power
    6

    Default

    This is a spamhaus related issue so I thought I would tack it on to this thread. I did look at a few other threads on this topic and saw no relevant issues. Zimbra is nailing 100% of incoming spam with no loss of legit mail that I can see so no worries. I migrated over to Zimbra after a decade or two running my e-mail off of two sendmail servers. So far so good.

    My problem is that zen.spamhaus does not seem to be working. When I run the e-mail test from spamhaus it says that blocking is not working. I noticed that zen.spamhaus.org is not resolving and was chided by their support about not reading their FAQ on the subject. Spamhaus has always worked flawlessly on sendmail so I'm wondering what gives. Sorbs and so on seem to be working fine.

    Here's the error in the log:

    Unrecognized warning:
    137.193.99.216.zen.spamhaus.org: RBL lookup error: Host or domain name not found. Name service error for name=137.193.99.216.zen.spamhaus.org type=A: Host not found, try again : 1 Time(s)
    46.193.99.216.zen.spamhaus.org: RBL lookup error: Host or domain name not found. Name service error for name=46.193.99.216.zen.spamhaus.org type=A: Host not found, try again : 1 Time(s)

    Spamhaus says: <http://www.spamhaus.org/faq/answers.lasso?section=DNSBL%20Usage#122>

    Spamhaus' test confirmed that Zimbra can receive e-mail and is not blocking their test messages. Then it tested zen and said:

    Uh-oh, your SBL block is not working!

    My config:

    [root@security backup-rsync]# su - zimbra
    [zimbra@security ~]$ zmprov gacf | grep zimbraMtaRestriction
    zimbraMtaRestriction: reject_non_fqdn_sender
    zimbraMtaRestriction: reject_non_fqdn_hostname
    zimbraMtaRestriction: reject_invalid_hostname
    zimbraMtaRestriction: reject_rbl_client spam.dnsbl.sorbs.net
    zimbraMtaRestriction: reject_rbl_client dnsbl.sorbs.net
    zimbraMtaRestriction: reject_rbl_client zen.spamhaus.org
    zimbraMtaRestriction: reject_rbl_client bl.spamcop.net

    [zimbra@security ~]$ postconf | grep smtpd_recipient_restrictions
    smtpd_recipient_restrictions = reject_non_fqdn_recipient, permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_unlisted_recipient, reject_invalid_hostname, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_rbl_client spam.dnsbl.sorbs.net, reject_rbl_client dnsbl.sorbs.net, reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net, reject_rbl_client zen.spamhaus.org, reject_rbl_client dnsbl.sorbs.net, reject_rbl_client spam.dnsbl.sorbs.net, reject_rbl_client bl.spamcop.net, permit
    [zimbra@security ~]$

    Not a huge problem at this time but I'd like to get it resolved for future reference and for my own education. I do understand that SA apparently includes zen in it's e-mail filtering.

    Many thanks in advance!
    The Hon. Rev. Dr. Frank W. Saxton
    Knight in shining armor (2nd class)

    http://security.NOCdesigns.com

Similar Threads

  1. rbl config question
    By scottnelson in forum Administrators
    Replies: 4
    Last Post: 02-27-2008, 04:18 PM
  2. Trend Micro RBL doesn't work
    By crowley in forum Administrators
    Replies: 2
    Last Post: 07-25-2007, 07:41 AM
  3. SpamAssassin rbl and uribl checks not working
    By stuheiss in forum Administrators
    Replies: 0
    Last Post: 04-10-2007, 06:41 PM
  4. Postfix RBL lists debug ?
    By RaNd in forum Administrators
    Replies: 1
    Last Post: 03-31-2007, 12:44 AM
  5. RBL effectiveness
    By moniker in forum Administrators
    Replies: 2
    Last Post: 11-05-2006, 06:49 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •