For current documentation, please see:
Older pages are below.
https://userinfo.rahul.net/and following the link entitled "Email Address and SMTP Filtering Control".
If you have a custom domain, you can add arbitrary email addresses in your
domain. An email address may forward to any other email address on the
Internet. To simply cause an email address to forward to your mail account,
specify your username as the destination. Here are some examples:
joe@example.com => joe sales@example.com => mysalesguy@remotelocation.com accounting@example.com => joeIf you do not have a custom domain, you can still forward mail for any hyphenated suffix of your email address. (See also:
joeuser@rahul.net => joeuser joeuser-school@rahul.net => myothermailbox@elsewhere.net joeuser-office@rahul.net => joeuserYou can also cause mail arriving for an email address to be rejected, by forwarding that email address to the special token "fail". This may optionally be followed by a colon and an error message. The sender of the failed email will see the error message when his mail fails. Examples are below.
sue@example.com => fail joe@example.com => fail:Joe is no longer here bill@example.com => fail:Bill has moved to bill@elsewhere.net joeuser@example.com => joe@someotherdomain.net joeuser-school@example.com => fail:I am no longer in schoolWhen incoming mail is rejected due to the use of the "fail" token as above, our network refuses to accept the message, by returning an SMTP error code during the SMTP transaction. No bounce message is sent back, since the original incoming message is never accepted in the first place.
joeuser-office@rahul.net => fail:I no longer have an office joeuser-school@rahul.net => fail:Joe is no longer in school joeuser-xxx@rahul.net => fail:No such person
For example, a user "joeuser" whose normal email address is "joeuser@rahul.net"
could make up new email addresses like this:
joeuser-xxx@rahul.net joeuser-yyy@rahul.net joeuser-school@rahul.netand so on. He can then supply such email addresses to others. For example, he could tell his school to use the address joeuser-school@rahul.net when sending him email. Then, when email arrives for him, he can have his mail program, if it has the capability, automatically refile the email into the right mail folder.
When this user signs up for correspondence at a web site, he can make up a new email address just for that web site. Later on, if he starts to receive spam at that email address, this may be a good indication that that web site gave his email address to the spammer.
Multiple hyphens are permitted, i.e., an email address like joeuser-xxx-yyy@rahul.net will also work, and will cause mail to be delivered to joeuser@rahul.net.
Any (Old) Classic Linux: SMTP Filtering to Keep Out Spam
that is active for an email address is automatically also applied to any
corresponding hyphenated email address. Thus, for example, if SMTP filtering is
enabled for joeuser@rahul.net, then it is also automatically enabled for
joeuser-xxx@rahul.net.
If you have a custom domain, you may generate hyphenated email addresses in the same way, by adding a hyphenated suffix before the @ character to any email address in your domain. For example: joeuser@example.com, joeuser-xxx@example.com, joeuser-yyy@example.com, and so on.
If you wish to separately control SMTP filtering for a hyphenated email addresses, simply
add each such address (see: (Old) Adding/Removing Email Addresses).
Then you can set SMTP filtering status independently for each hyphenated suffix.
Note that email addresses with hyphenated suffixes can be made up at any time,
and you need not explicitly add each one to the mail system. Only if you want to
separately set SMTP filtering or mail forwarding for such an address do you
need to explicitly add it.
By the use of Greylisting and black lists (see references below), a substantial amount of spam is rejected before it enters our network. This is called SMTP filtering.
You may adjust the SMTP filtering for your email address(es) by going to:
and following the link entitled "Email Address and SMTP Filtering Control".
You can add multiple email addresses
(see (Old) Adding/Removing Email Addresses)
and set the SMTP filtering for each as you prefer.
Wildcard domains: A domain name beginning with '@', such as @example.com, is called a wildcard domain. In our system this represents all unknown addresses in the domain.
To keep out dictionary attacks and prevent excessive machine load, email arriving for a wildcard domain, i.e., for unknown addresses in a domain, will always be subjected to a high degree of SMTP filtering and this cannot be switched off. You may create specific email addresses in your domain and separately adjust the SMTP filtering for each one.
References: For more information about greylisting and black lists, please see:
A newer version of this page can be found at http://info.rahul.net/classic:email_address_and_advanced_smtp_filtering_control.
An old version of this page is below.
An advanced user interface to SMTP filtering can be used by going to: https://userinfo.rahul.net/ and following the link entitled "Email Address and Advanced SMTP Filtering Control".
To enable or disable SMTP filtering, check or uncheck the ENABLE box. Checked will give you less spam and unchecked will give you more spam. Also from among A, B, C, ..., X select one or more.
The ENABLE checkbox acts like a master OFF switch. If it is left cleared (i.e., unchecked), then SMTP filtering will not be active, regardless of whether any of A, B, C, ..., X are checked.
A, B, and C will very rarely, if ever, block legitimate email. C is slightly more aggressive than B but not unduly so.
Enabling D, E, and X should eliminate almost all spam, while allowing an occasional false hit. If you enable any of D, E, or X, then B and C will also become active.
To find out more details about what each of A, B, C, ..., X does, look for a link entitled "Details about A, B, C, ..., X" near the bottom of the SMTP Filtering user interface.
You don't have to stick to any one combination of SMTP filtering options. Simply add a number of email addresses (see (Old) Adding/Removing Email Addresses) and set the SMTP filtering for each as you prefer. For example, email addresses that you give to close friends or family can be left only mildly filtered, while email addresses that you publish on a web page may need to be heavily filtered.
You can find out which mail arriving for you was blocked by SMTP filtering with the help of the scan.logs command. Invoke this at the Linux shell with -h for help, like this:
scan.logs -h
Regardless of how aggressively an email address is filtered, a motivated sender should always be able to get through to you. When SMTP filtering blocks a message, the blocked message is rejected with a valid SMTP code. The sender will get back an error indication from his mail system. So the sender will know that his email did not get through. If he really wants to reach you, he will find some way. Contrast this with the more conventional approach in which spam gets refiled into a spam folder. If the intended recipient doesn't check the spam folder and notice a misfiled non-spam message, the non-spam message is silently lost. The sender thinks it reached, but the recipient never notices it. SMTP filtering does not let mail get silently lost this way--either the recipient gets it, or the sender knows that the recipient did not get it.
But non-motivated senders will sometimes not reach you if SMTP filtering is enabled. A non-motivated sender is one who discards or ignores sending errors or, knowing that an error occurred, makes no noticeable effort to solve the problem that caused his email to you to fail. Ask non-motivated senders to send you email at an email address that is completely non-SMTP-filtered.
Many operators of mailing lists are non-motivated senders. Subscribe
to such mailing lists using a hyphenated suffix email address
(see (Old) Email Hyphenated Suffixes)
and keep SMTP filtering disabled for that email address.
You may need to subscribe to the mailing list twice: once with your "normal"
email address so you can conveniently send mail to the list, and again with the
hyphenated suffix email address at which you receive mail from the list.
Set your subscription options so the list sends no mail to your "normal"
email address, but still recognizes that email address as a
subscriber to the list.
However, one result of the above strategy might be that many people on the mailing list will have your "normal" email address in their address-books. Sooner or later, this email address will leak out into the global Internet, and you will begin getting (more) spam at it. A less spam-prone option is to use the same hyphenated email address to send mail to the list. If you can, use a mail program (e.g., pine) that can automatically set your from email address based on the address to which you send mail. If in the future you begin getting too much spam at the hyphenated email address, simply forward that address to "fail" and re-subscribe to the mailing list with a new hyphenated email address.
You can block all mail from certain countries of your choice by following the link from within the Advanced interface to the Baroque interface. Then select the countries to block using two-character codes below. Countries are identified by the IP address of the remote host that connects to our servers to send mail.
The Baroque interface will also let you select an option "OLD". This enables SMTP filtering at a level equal to the way it used to be in March 2006, before the new options became available. The OLD filtering can be activated only if options B and C are both unchecked (to avoid duplicate processing, because B and C include everything that OLD does).
Warning: The descriptions above are approximate. Black lists and techniques in use may change without notice. IP address-to-country mappings are believed to be close to 100% accurate but are not guaranteed to be so.
Although our SMTP filtering does not allow a specific sender to be white-listed,
you can take advantage of our (Old) Email Hyphenated Suffixes feature.
Simply create a new email address just for use by that sender, explicitly add
that address (see
(Old) Adding/Removing Email Addresses),
and keep SMTP filtering switched off for only that email address
(see
(Old) Classic Linux: SMTP Filtering to Keep Out Spam).
Then give that sender this new
email address and ask him to send mail to you at this email address.
Now that sender can send you email, while
all your other email is still spam-filtered just as well as ever.
Also please see: (Old) If Legitimate Mail is Blocked.
This implementation of SpamAssassin includes Bayesian (i.e., probabilistic) spam filtering that uses a central database.
Every email message you receive will
end up containing a spam rating added by SpamAssassin. Look for headers
beginning with 'X-Spam-', for example:
X-Spam-Flag: X-Spam-Report: X-Spam-Status: X-Spam-Level:Based on these headers you can have other code in your .procmailrc file that will refile or delete spam based on your preferences.
Note: Mail arriving for certain Nojunk domains, such as boxmail.com, might not be scanned by SpamAssassin at this time. This will be corrected in the future.
You can adjust your SpamAssassin preferences by editing the user_prefs file in your
.spamassassin directory. If this does not already exist, SpamAssassin will
automatically create one for you. You can also use a web interface to update
your SpamAssassin preferences at this URL:
https://usermin.rahul.net:20000/Use the above web interface to adjust the following settings to your satisfaction:
Allowed and Denied Addresses -> From: addresses to never classify as spam From: addresses to always classify as spamThere are a large number of other SpamAssassin settings, but we recommend you change them only if you consider yourself to be an advanced SpamAssassin user.
Spam Classification -> Hits above which a message is considered spam Languages in email that are not considered potential spam Character sets in email that are not considered potential spam
If you have lines like the following in your .procmailrc file, or any other lines that
invoke "spamassassin" or "spamc", you should remove them or comment them
out.
# spamassassin beta-test {{{
# back up :0c: ./Mail/Backupmail
# filter :0fw | spamc
# }}}
Collect non-spam messages in a mailbox, and then use this command:
% sa-learn --progress --mbox --ham <filename>where <filename> is the filename of the mailbox containing non-spam (termed 'ham').
Collect spam messages in another mailbox, and then use this command:
% sa-learn --progress --mbox --spam <filename>The sa-learn command will automatically ignore duplicates, so you can efficiently run it on the same mailbox(es) over and over again.
After sa-learn has seen a few hundred spam messages, and a few hundred
non-spam messages, Bayesian filtering will become active. Then you will
notice that the X-Spam-Status lines in email will includes tokens such
as BAYES_99 indicating the Bayesian probability of the message being
spam.
You probably already have a user_prefs file in your .spamassassin
directory. Manually combine your personal settings in this file with
the global defaults contained in the file:
/usr/share/spamassassin/user_prefs.templateYour previous SpamAssassin installation may already have collected some Bayesian tokens. If so, they will be in your .spamassassin directory in files whose names match 'bayes*', such as:
bayes_journal bayes_seen bayes_toksYou can import these into the new SpamAssassin's central database.
First, use 'sa-learn' at least once with the --spam or --ham option (as
described in the (Old) SpamAssassin: Bayesian Filtering section above),
so that the central database is correctly initialized for you. Otherwise the steps
below may fail.
Then cd into your .spamassassin directory and use the following commands:
% sa-learn --siteconfigpath=/ --backup > data.txt % sa-learn --restore data.txtThe first sa-learn command above will export your current Bayesian data into a file called 'data.txt'. Any error message of the form 'bayes: bayes db version 2 is not able to be used, aborting! ...' can be safely ignored.
The second sa-learn command will import data from 'data.txt' into the central database.
Both sa-learn commands above can take a while, depending on the size of your existing Bayesian data.
After the --restore step above, you can check the size of the imported
data with:
% sa-learn --dump magicLook at the 'nham' and 'nspam' values to get a count of non-spam and spam tokens respectively in the database.
After the import has been done, you can delete the bayes* files in your
.spamassassin directory thus:
% rm bayes*
In practise we don't expect any of this to be a problem. In no case does
SpamAssassin allow anybody to access any of your data outside of
your .spamassassin directory and outside of the Bayesian database.
550 Virus Detected; Content RejectedIf you are sending outgoing mail from your home or office machine through our SMTP server, and if the send attempt fails with a message like the one shown above, it means that our SMTP server is detecting a virus in the email that you are attempting to send. Use an antivirus program on your home or office machine to clean it of any viruses and then try again.
If anybody trying to send you email complains that his email to you is
bouncing back with an error message like the one above, it means that our
SMTP servers are detecting a virus in the email that he is trying to send to
you. Ask him to use an antivirus program on his
home or office machine to clean it of any viruses and then try again.
If a correspondent is unable to send you email because our SMTP filtering is blocking his host or IP address, here are some of your choices.
- You can ask the person who administers the sending site to correct the problem that is causing the blocking, if it is correctable. For example, if he is sending mail from a dynamic IP address, he could relay mail via his connectivity provider's mail server. If he is sending mail from a host that does not have valid DNS, he could attempt to correct the DNS configuration, or relay outgoing mail via another server (a "smarthost") that does have valid DNS. If he is operating or sending from a pro-spam site that is blocked because of its reputation, he can persuade his organization to cease its pro-spam activities and have itself de-listed from the various black lists.
- You can ask the sender to get a different mailbox (for example, at a free email provider) and send you mail from there.
- You can switch off your own SMTP filtering. Then you will be able to receive mail from this sender. You will also get more spam. Details are in (Old) Classic Linux: SMTP Filtering to Keep Out Spam. (Note: switching off SMTP filtering does not leave you completely helpless. All incoming email is also scanned by
(Old) SpamAssassin to Identify Spam and you may adjust your .procmailrc script to delete or refile spam as appropriate to your needs. This may, however, increase the burden on you to visually check your spam folder for any misfiled mail.)
- You can add an alternate email address for yourself, keep SMTP filtering switched off for this alternate address, and ask the sender to send you mail at this alternate email address. Details are in (Old) Selective Whitelisting.
If you think that our blocking is too aggressive, and that some innocent party sending mail from a well-administered location, not affiliated with any pro-spam organization, having valid DNS, and not using a dynamic IP address, is being unfairly blocked, then please do the following.
FIRST, take action as described above, so the innocent sender is able to send you mail.
THEN, ask the person who administers the sending site to go to one or more of the web sites below, and check to see if his IP address is being blocked in any black lists, and if so, to take all possible reasonable steps to get his IP addresses delisted from the ones that are in wider use.
- OpenRBL http://www.openrbl.org/
- CompleteWhoIs http://www.completewhois.com/rbl_lookup.htm
- Robtex http://www.robtex.com/
- Declude http://www.declude.com/Articles.asp?ID=97
FINALLY, please contact support@rahul.net and notify us of the situation.
This document is: http://faq.rahul.net/cgi-bin/fom.cgi?file=30
[Search]
[Appearance]
[Show Top Category Only]
This is a Faq-O-Matic 2.721.