Sponsor:

Server and Web Integrator
Link:
Kloxo-MR logo
6.5.0 or 7.0.0
Click for "How to install"
Donation/Sponsorship:
Kloxo-MR is open-source.
Donate and or Sponsorship always welcome.
Click to:
Click Here
Please login or register. 2018-07-21, 05:51:53

Author Topic: Spamassassin RDNS_NONE Rule False Positives  (Read 10001 times)

0 Members and 1 Guest are viewing this topic.

Offline Joe

  • Valuable Member
  • *
  • Posts: 147
  • Karma: +2/-0
    • View Profile
Spamassassin RDNS_NONE Rule False Positives
« on: 2014-02-01, 17:18:14 »
I just upgraded from Kloxo original to MR. Now when using Spamassassin all emails are showing false positives for the 'RDNS_NONE' rule. There seems to be a problem with reverse dns lookups.

I've used Kloxo original for years with Spamassassin on multiple servers and never had this problem. I use custom scoring and many spammers do not have reverse dns but some legitimate mail as well so I like to increase the RDNS_NONE score to prevent spam but not reject all email without reverse dns.

Offline MRatWork

  • Administrator
  • The Elite
  • *****
  • Posts: 15,382
  • Karma: +115/-9
  • Gender: Male
    • View Profile
    • MRatWork Forum
..:: MRatWork (Mustafa Ramadhan Projects) ::..
-- Server/Web-integrator - Web Hosting (Kloxo-MR READY!) --

Offline Joe

  • Valuable Member
  • *
  • Posts: 147
  • Karma: +2/-0
    • View Profile
Re: Spamassassin RDNS_NONE Rule False Positives
« Reply #2 on: 2014-02-01, 17:52:43 »
I just followed those steps for qmail and spamassassin is still showing all incoming mail as RDNS_NONE.

Offline MRatWork

  • Administrator
  • The Elite
  • *****
  • Posts: 15,382
  • Karma: +115/-9
  • Gender: Male
    • View Profile
    • MRatWork Forum
Re: Spamassassin RDNS_NONE Rule False Positives
« Reply #3 on: 2014-02-01, 18:09:36 »
Try bogofilter instead spamassassin. Setup in 'switch program'.
..:: MRatWork (Mustafa Ramadhan Projects) ::..
-- Server/Web-integrator - Web Hosting (Kloxo-MR READY!) --

Offline Joe

  • Valuable Member
  • *
  • Posts: 147
  • Karma: +2/-0
    • View Profile
Re: Spamassassin RDNS_NONE Rule False Positives
« Reply #4 on: 2014-02-01, 18:23:32 »
Bogofilter can't compare to spamassassin. I have custom rules and DnsBlocklists that I have used over many years with spamassassin that has eliminated 99% of spam. All of them work except for rdns lookups and now only about 90% of spam is blocked because I had to disable RDNS_NONE.

Offline Joe

  • Valuable Member
  • *
  • Posts: 147
  • Karma: +2/-0
    • View Profile
Re: Spamassassin RDNS_NONE Rule False Positives
« Reply #5 on: 2014-02-01, 18:37:21 »
Is this a different version of Spamassassin made for Qmailtoaster? How is it different from the original Kloxo version that was installed?

Offline MRatWork

  • Administrator
  • The Elite
  • *****
  • Posts: 15,382
  • Karma: +115/-9
  • Gender: Male
    • View Profile
    • MRatWork Forum
Re: Spamassassin RDNS_NONE Rule False Positives
« Reply #6 on: 2014-02-01, 18:40:10 »
Spamasssin also taken from qmailtoaster.com
..:: MRatWork (Mustafa Ramadhan Projects) ::..
-- Server/Web-integrator - Web Hosting (Kloxo-MR READY!) --

Offline Joe

  • Valuable Member
  • *
  • Posts: 147
  • Karma: +2/-0
    • View Profile
Re: Spamassassin RDNS_NONE Rule False Positives
« Reply #7 on: 2014-02-01, 19:05:37 »
How do I remove this version of spamassassin?

Offline Joe

  • Valuable Member
  • *
  • Posts: 147
  • Karma: +2/-0
    • View Profile
Re: Spamassassin RDNS_NONE Rule False Positives
« Reply #8 on: 2014-02-01, 19:19:58 »
yum remove spamassassin-toaster

Will try a newer version and see if it works.

Offline Joe

  • Valuable Member
  • *
  • Posts: 147
  • Karma: +2/-0
    • View Profile
Re: Spamassassin RDNS_NONE Rule False Positives
« Reply #9 on: 2014-02-01, 19:33:46 »
I installed Spamassassin 3.3.2-7 and same problem. Kloxo MR is not performing reverse DNS lookups.

Offline Spacedust

  • Super Grand Master
  • ****
  • Posts: 3,962
  • Karma: +1/-0
    • View Profile
Re: Spamassassin RDNS_NONE Rule False Positives
« Reply #10 on: 2014-02-02, 15:30:45 »
It works fine blocking all spammers ;)

Offline Joe

  • Valuable Member
  • *
  • Posts: 147
  • Karma: +2/-0
    • View Profile
Re: Spamassassin RDNS_NONE Rule False Positives
« Reply #11 on: 2014-02-02, 20:32:30 »
It works fine blocking all spammers ;)

Nothing blocks ALL spammers without blocking some legitimate mail but Spamassassin does the best job especially if you tweak the default rules.

MRatWork,

Spamdyke's feature of Rejecting Servers Without RDNS Names works but Spamassassin for some reason isn't looking up reverse dns. Tested again with Kloxo original and the Spamassassin RDNS_NONE feature works.

I guess for now I'll use Spamdyke's setting since it should bounce the message and let the legitimate sender know why it was rejected.

Offline Spacedust

  • Super Grand Master
  • ****
  • Posts: 3,962
  • Karma: +1/-0
    • View Profile
Re: Spamassassin RDNS_NONE Rule False Positives
« Reply #12 on: 2014-02-02, 23:26:39 »
I confirm this too also checking MX is false positive ! MX exists but it shows that it doesn't and rejects mail !

Disable this to get all your e-mails !

How to fix this ?
« Last Edit: 2014-02-03, 00:15:01 by Spacedust »

Offline Joe

  • Valuable Member
  • *
  • Posts: 147
  • Karma: +2/-0
    • View Profile
Re: Spamassassin RDNS_NONE Rule False Positives
« Reply #13 on: 2014-02-03, 01:07:10 »
Yea, if you look at the email headers of all incoming email it shows "Received: from unknown" when it should show "Received: from hostname and ipaddress". I think all of these problems are caused by Kloxo MR's requirement to use qmail toaster compared with the original Kloxo.

Kloxo original using qmail does not show the "Received: from unkown" header. Something sure doesn't seem configured right or I'm not sure if qmail toaster handles headers differently and that creates a problem with Spamassassin.
« Last Edit: 2014-02-03, 02:40:21 by Joe »

Offline chrisf

  • Senior Master
  • **
  • Posts: 883
  • Karma: +11/-1
  • Gender: Male
  • Be the change that you wish to see in the world.
    • View Profile
    • Conviction's Hosting
Re: Spamassassin RDNS_NONE Rule False Positives
« Reply #14 on: 2014-02-03, 17:16:01 »
It appears qmail-toaster does headers differently.  The received from unknown, not sure if a bug, or if that is how they set it up, since right after that it has the (helo hostname) IP.

It appears to be a regex problem in the perl script for spamassassin.

Using spamdyke protects you from this, so enable spamdyke and disable rdns none in spamassassin.

Find and Change /etc/spamassassin/local.cf:

Code: [Select]
score RDNS_NONE 0
Christopher

Knowledge in: PHP, Perl, MySQL, Javascript, Actionscript, FLASH, HTML, CSS
Server Administrator / Developer: https://convictionshosting.com

 


Top 4 Global Search Engines:    Google    Bing    Baidu    Yahoo
Click Here

Page created in 0.062 seconds with 23 queries.

web stats analysis