Tag Archives: SMTP

Email Greylisting

First, for the un-initiated, click here to learn about email greylisting.

When email admins talk about greylisting, one of the benefits they normally point to is load on the actual email server but fail to mention supporting systems. I did notice a decrease in mail processing load there as well as my database server.

Keep in mind this is NOT a busy email server. It’s only hosting a couple TLDs.

I noticed an immediate improvement after restarting mail services (I did not reboot the server).

Email processing by amavisd was greatly reduced since the SMTP server rejected all new connections initially.
The “orange” is spam detected by amavis:

Below is the MariaDB database server.
Notice the drop in “pink” (ignore the spikes, those are backups) since the email server is rejecting before it has to query the database:

All things considered, SPAM and processing load has been greatly reduced.

Spam Bashing

We finally have our spam filtering back in place at kulish.com. We’ve set it to a semi-aggressive filter where pretty much every incoming email is marked with a spam score.

We’re using the postfix+amavis+clamd+spamassassin setup.

While we’ve been doing without it for a few months (using client side stuff until I found time), I still don’t remember it working this well on the last server install.

Here’s a wopper of an email, just after the installation and testing were completed. The receiving parties and server names have been sanitized to protect the marginally innocent (**PROTECTED**).

From ***PRO@TECTED***.com Tue Feb 14 23:02:47 2006
Return-Path:
Delivered-To: spam-quarantine
X-Envelope-From:
X-Envelope-To: **PROTECTED**
X-Quarantine-Id:
Received: from lh (unknown [61.130.156.43])
by **PROTECTED** (Postfix) with SMTP id D90164B92A;
Tue, 14 Feb 2006 23:02:35 -0600 (CST)
Received: from 61.130.156.43 (HELO localhost.localdomain) (61.130.156.43)
by 61.130.156.43 with SMTP; Wed, 15 Feb 2006 07:06:05 +0200
Message-Id:

SASL Screws Mail Admins (AGAIN)

It seems that the SASL developers are still hard at work *censored*ing things up. Well, actually, I don’t think they have to work very hard at it. It seems to come natural to them.

After upgrading the SASL libraries on my email server, SMTP authentication is refusing to work.

I found a few tidbits of information, but no fixes.

I found this email that says I have to grab a cvs snapshot. They have GOT TO BE KIDDING! Sadly, they are not. Time to replace some project managers and developers here. They obviously haven’t a clue what they are doing.

Over here, I found another clue as to what is going on. A poor email server admin trying to un*censored* the SASL team’s problems.

But for now, we wait, watch, and hope a fix is forthcoming from these bozos.

UPDATE:

Here’s the smtpd.conf I used to get the lastest (2.1.18) SASL working!

pwcheck_method: auxprop
#auxprop_plugin: mysql
sql_engine: mysql
sql_user: sqlusername
sql_passwd: sqlpassword
sql_hostnames: sqlserver
sql_database: sqldatabase
sql_statement: select password from mailbox where username = ‘%u@%r’
sql_verbose: true
mech_list: plain login