{"id":3562,"date":"2014-09-20T18:41:40","date_gmt":"2014-09-20T10:41:40","guid":{"rendered":"http:\/\/rmohan.com\/?p=3562"},"modified":"2014-09-20T18:43:56","modified_gmt":"2014-09-20T10:43:56","slug":"block-spam-mail-with-qmail","status":"publish","type":"post","link":"https:\/\/mohan.sg\/?p=3562","title":{"rendered":"Block Spam Mail with Qmail"},"content":{"rendered":"<p>Qmail is a modern, secure and powerful SMTP email system. We used QmailRocks as a qmail installation resource.<br \/>\nI would like to introduce few step for \u201cBlock Spam Mails with Qmail\u201c.<\/p>\n<p>1. Qmail block mail from spammers based on the envelope sender<br \/>\nQmail has the ability to unconditionally block mail from spammers based on the envelope sender (which may not be the same as the \u201cFrom:\u201d field in the header, don\u2019t be surprised if this approach misses some emails that you think it should catch). In other words, if the spammers don\u2019t lie about their sending domain, qmail may be able to block them before the mail message is even transmitted. This cuts down on things like bounces, and hopefully spam!<\/p>\n<p>cd  \/var\/qmail\/control<br \/>\nDownload the sa-blacklist.current.at-domains file<\/p>\n<p>mv sa-blacklist.current.at-domains badmailfrom<br \/>\nOR append it to badmailfrom<\/p>\n<p>\/var\/qmail\/control\/badmailfrom<br \/>\nis the file you should look at to block all mail<br \/>\nfrom a particular domain.<br \/>\nRestart qmail (e.g. qmailctl stop; qmailctl start)<br \/>\nLet\u2019s test it<\/p>\n<p>[root@planetmy]# telnet localhost 25<br \/>\nTrying 127.0.0.1&#8230;<br \/>\nConnected to localhost.localdomain (127.0.0.1).<br \/>\nEscape character is &#8216;^]&#8217;.<br \/>\n220 planetmy.com ESMTP<br \/>\nMAIL FROM: testing@zzzsoft.com<br \/>\n250 ok<br \/>\nRCPT TO: user@planetmy.com<br \/>\n553 sorry, your envelope sender is in my badmailfrom list (#5.7.1)<br \/>\nIn this case, we tried to send mail from an account at a known spammer; zzzsoft.com. We then told the mail server where the mail needs to go. The mail server then told us that it can\u2019t accept mail from zzzsoft.com because we\u2019d correctly installed the qmail block list.<br \/>\nGongratulation! You\u2019re done!<br \/>\nPossibly Related Posts:<br \/>\nHow to Install Webmin on OpenFiler<br \/>\nlppasswd: Unable to open passwd file: Permission denied<br \/>\nMissing \/var\/log\/lastlog<br \/>\nTelnet service_limit error<br \/>\nHow To Capture PUTTY Session Log<\/p>\n<p>How to disable spammer domain in QMAIL mail server with badmailto variable<\/p>\n<p>I&#8217;ve recently noticed one of the qmail SMTP servers I adminster had plenty of logged spammer emails originating from yahoo.com.tw destined to reache some random looking like emails (probably unexisting) again to *@yahoo.com.tw<\/p>\n<p>The spam that is tried by the spammer is probably a bounce spam, since it seems there is no web-form or anything wrong with the qmail server that might be causing the spam troubles.<br \/>\nAs a result some of the emails from the well configured qmail (holding SPF checks), having a correct existing MX, PTR record and even having configured Domain Keys (DKIM) started being marked, whether emails are sent to *@yahoo.com legit emails.<\/p>\n<p>To deal with the shits, since we don&#8217;t have any Taiwanese (tw) clients, I dediced to completely prohibit any emails destined to be sent via the mail server to *@yahoo.com.tw. This is done via \/var\/qmail\/control\/badmailto qmail control variable;<\/p>\n<p>Here is content of \/var\/qmail\/control\/badmailto after banning outgoing emails to yahoo.com.tw;;;<\/p>\n<p>qmail:~# cat \/var\/qmail\/control\/badmailto<br \/>\n[!%#:*^]<br \/>\n[()]<br \/>\n[{}]<br \/>\n@.*@<br \/>\n*@yahoo.com.tw<\/p>\n<p>The first 4 lines are default rules, which are solving a lot of badmailto common sent emails. Thanks God after a qmail restart:<\/p>\n<p>qmail:~# qmailct restart<br \/>\n&#8230;.<\/p>\n<p>Checking in \/var\/log\/qmail-sent\/current, there are no more outgoing *@yahoo.com.tw destined emails. Problem solved \u2026<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Qmail is a modern, secure and powerful SMTP email system. We used QmailRocks as a qmail installation resource. I would like to introduce few step for \u201cBlock Spam Mails with Qmail\u201c.<\/p>\n<p>1. Qmail block mail from spammers based on the envelope sender Qmail has the ability to unconditionally block mail from spammers based on the [&#8230;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[32],"tags":[],"_links":{"self":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/3562"}],"collection":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3562"}],"version-history":[{"count":2,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/3562\/revisions"}],"predecessor-version":[{"id":3564,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/3562\/revisions\/3564"}],"wp:attachment":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3562"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3562"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3562"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}