Wednesday, October 31, 2018

Re: spamd and google smtp ips

* Stuart Henderson <stu@spacehopper.org> le [30-10-2018 23:39:23 +0000]:
> On 2018-10-30, Chris Narkiewicz <hello@ezaquarii.com> wrote:
> > Hi,
> >
> > I'm configuring spamd and I noticed that when I send an e-mail from
> > GMail, each time the e-mail is submitted by a different IP address.
> >
> > Here is spamdb output after sending a test email to myself:
> >
> > GREY|209.85.219.182|mail-yb1-f182.google.com|...
> > GREY|209.85.219.177|mail-yb1-f177.google.com|...
> > GREY|209.85.219.176|mail-yb1-f176.google.com|...
> > GREY|209.85.219.172|mail-yb1-f172.google.com|...
> > GREY|209.85.219.180|mail-yb1-f180.google.com|...
> > GREY|209.85.219.175|mail-yb1-f175.google.com|...
> > GREY|209.85.219.173|mail-yb1-f173.google.com|...
> > GREY|209.85.219.179|mail-yb1-f179.google.com|...
> > GREY|209.85.208.46|mail-ed1-f46.google.com|...
> > GREY|209.85.161.52|mail-yw1-f52.google.com|...
> > ... snip ...
> >
> > Of course they are not whitelisted, as each submission
> > attempt is done by a different node and I guess google has A LOT of
> > them. I see 2 issues with that:
> >
> > 1) e-mail delivery takes a lot of time (as google uses exponential
> > backoff and stops frequent retries after few failures)
> >
> > 2) whitelisted IPs are more likely being expired, as my server is
> > not getting a lot of gmail traffic
> >
> > I suppose different big e-mail providers will
> > have similar issues.
> >
> > I'm also running BGP server to download a whitelist,
> > but it does not contain google servers.
> >
> > Are there any solutions to get around this problem? Ideally I'd like
> > to just whitelist reputable mail providers as I see little chance
> > that any spammer will outsmart Google/Yahoo/Microsoft/etc.


To solve this problem, I use two methods :

## whitelist from bsdly.net (thanks again peter :)

In /etc/pf.conf

table <nospamd> persist file "/etc/mail/nospamd"
pass in on egress proto tcp from <nospamd> to any port smtp

In /etc/weekly.local :

echo "update nospamd file"
ftp -o /etc/mail/nospamd http://www.bsdly.net/~peter/nospamd


## whitelist from spf walk :

In /etc/mail/spamd.conf :


all:\
	:nixspam:bgp-spamd:bsdlyblack:whitelist:

...

whitelist:\
	:white:\
	:method=file:\
	:file=/etc/mail/whitelist.txt


In /etc/weekly.local :

/usr/local/bin/domain-white-spamd

In /usr/local/bin/domain-white-spamd, adjust with domains you need :

#!/bin/sh
# Collect the SPF-authorized sender addresses in a temporary file first
TMP=$(mktemp)

WHITELIST=/etc/mail/whitelist.txt

DOMAINS='outlook.com
gmail.com
google.com
hotmail.com
yahoo.com
yahoo.fr
live.fr
mail-out.ovh.net
mxb.ovh.net
gandi.net
laposte.net
github.com
protonmail.com
'


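# Walk each domain's SPF record and append the addresses it authorizes
for d in $DOMAINS; do
	echo "$d" | smtpctl spf walk >> "$TMP"
done
# Replace the list that the "whitelist" entry in spamd.conf points at
mv "$TMP" "$WHITELIST"
exit 0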




--
thuban
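
Added example, not part of thuban's message: the script above moves the new file over /etc/mail/whitelist.txt even when a lookup returned nothing, so this variant keeps the previous list unless every domain yields at least one address. It assumes smtpctl spf walk prints one address or CIDR block per line; SPF_WALK, filter_addrs and build_whitelist are names invented for this example.

```sh
#!/bin/sh
# Added example, not thuban's script. SPF_WALK is a hypothetical override
# so the lookup command can be replaced by a stub when testing.
SPF_WALK=${SPF_WALK:-"smtpctl spf walk"}

# Keep only lines that look like an IPv4/IPv6 address with optional /prefix
# (assumed output format: one address or CIDR block per line).
filter_addrs() {
	grep -E '^[0-9]{1,3}(\.[0-9]{1,3}){3}(/[0-9]{1,2})?$|^[0-9A-Fa-f]*:[0-9A-Fa-f:]+(/[0-9]{1,3})?$' |
		sort -u
}

# build_whitelist FILE DOMAIN...
# Replaces FILE only if every DOMAIN produced at least one address.
build_whitelist() {
	out=$1; shift
	# Temp file beside the target, so the final mv is a rename on one filesystem
	tmp=$(mktemp "$out.XXXXXX") || return 1
	for d in "$@"; do
		addrs=$(echo "$d" | $SPF_WALK 2>/dev/null | filter_addrs)
		if [ -z "$addrs" ]; then
			echo "no SPF addresses for $d, keeping old $out" >&2
			rm -f "$tmp"
			return 1
		fi
		printf '%s\n' "$addrs" >> "$tmp"
	done
	sort -u -o "$tmp" "$tmp"
	mv "$tmp" "$out"
}

# Runs only when installed under the script name used above; domain list shortened.
if [ "${0##*/}" = "domain-white-spamd" ]; then
	build_whitelist /etc/mail/whitelist.txt gmail.com outlook.com yahoo.com
fi
```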
