Mail






SpamAssassin


Here is some information on SpamAssassin mail filtering.




http://wiki.apache.org/spamassassin/IntegratedSpamdInPostfix


http://www.5dollarwhitebox.org/wiki/index.php/Howtos_Spam_Assassin_Rules_Du_Jour_Configuration


http://spamassassin.apache.org/gtube/


http://spammin.sourceforge.net/



---

X-Spam-Checker-Version: SpamAssassin 3.2.4 (2008-01-01) on s74938.tsunami.ch

X-Spam-Flag: YES

X-Spam-Level: **************************************************

X-Spam-Prev-Subject: spam test 01

X-Spam-Report: * 1000 GTUBE BODY: Generic Test for Unsolicited Bulk Email * 0.0 HTML_MESSAGE BODY: HTML included in message

X-Spam-Status: Yes, score=1000.0 required=7.0 tests=GTUBE,HTML_MESSAGE autolearn=no version=3.2.4 

---




Enable spamassassin rules for all addresses:


cd /var/qmail/mailnames; 


for i in `find . -maxdepth 1 -type d`; 


do find $i -maxdepth 1 -type d ; 


done | sed 's/\.\///' | grep '/' | sed 's/\// /' | awk '{print $2, $1}' | sed 's/ /@/' | sed 's/^/\/usr\/local\/psa\/bin\/spamassassin.sh --update /' | sed 's/$/ -status true/' > spamon; 


chmod +x spamon; 


./spamon; 


rm -f spamon; 


/usr/local/psa/admin/bin/mchk --with-spam


--------


-This creates a script, spamon, that runs the following for each address:


# /usr/local/psa/bin/spamassassin.sh --update username -status true




/usr/local/psa/bin/spamassassin.sh --update <new_mailname> -status true


Then run mchk --with-spam






-----


-To list every address under qmail's mailnames directory:


cd /var/qmail/mailnames;  for i in `find . -maxdepth 1 -type d`; do find $i -maxdepth 1 -type d; done | sed 's/\.\///' | grep '/' | sed 's/\// /' | awk '{print $2, $1}' | sed 's/ /@/'; cd -
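
A variant of the loop above, as an added example (not part of the original notes): it reads the same /var/qmail/mailnames/<domain>/<user> layout but calls spamassassin.sh once per address instead of writing directory names into a script and executing it, so a directory name containing shell metacharacters is never run as code. The function names and the allowed-character set are assumptions; mchk --with-spam is still run afterwards as described above.

```shell
#!/bin/sh
# Added example: enumerate user@domain from a Plesk-style mailnames tree
# (<root>/<domain>/<user>/) and enable SpamAssassin per address without
# generating and executing an intermediate script.

# list_mailboxes ROOT: print one user@domain per line, sorted.
list_mailboxes() {
    (
        cd "$1" || exit 1
        # Depth 2 below ROOT is exactly <domain>/<user>; deeper Maildir
        # folders and the domain directories themselves are excluded.
        find . -mindepth 2 -maxdepth 2 -type d | sort
    ) | while IFS= read -r path; do
        rel=${path#./}
        domain=${rel%%/*}
        user=${rel#*/}
        # Assumed policy: accept only plain address characters and refuse a
        # leading "-" so a name can never be parsed as an option or as shell.
        case "$user$domain" in
            -*|*[!A-Za-z0-9._+-]*)
                printf 'skipped unsafe name: %s\n' "$rel" >&2
                continue ;;
        esac
        printf '%s@%s\n' "$user" "$domain"
    done
}

# enable_spam_filter ROOT [CMD]: run "CMD --update addr -status true" for
# every mailbox. CMD defaults to the Plesk utility named on this page.
enable_spam_filter() {
    cmd=${2:-/usr/local/psa/bin/spamassassin.sh}
    list_mailboxes "$1" | while IFS= read -r addr; do
        # Each address is passed as one quoted argument, never re-parsed.
        "$cmd" --update "$addr" -status true ||
            printf 'failed: %s\n' "$addr" >&2
    done
}

# Typical use on the server:
#   enable_spam_filter /var/qmail/mailnames
#   /usr/local/psa/admin/bin/mchk --with-spam
```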


--------


Recommendation for slow Mail in Plesk


http://forum.swsoft.com/showthread.php?t=48002&highlight=slow+mail+delivery



You can run this command for a while and see if there is any application that is trying to send emails via the web server. This may be a vulnerable application, so after disabling it check to see if your qmail remote queue improves. phpBB is the usual suspect.


/usr/sbin/lsof +r 1 -p `ps axww | grep httpd | grep -v grep | awk ' { if(!str) { str=$1 } else { str=str","$1}}END{print str}'` | grep vhosts | grep php


Files: /etc/xinetd.conf

Modification: If you have lots of spare memory, you can increase the number of instances and restart xinetd.

instances = 200


Files: /etc/xinetd.d/smtp_psa and /etc/xinetd.d/smtps_psa

Modification: you can add -Rt0 to the start as below and restart qmail. This should stop qmail checking for reverse DNS


server_args = -Rt0 /var/qmail/bin/relaylock /var/qmail/bin/qmail-smtpd /var/qmail/bin/smtp_auth /var/qmail/bin/true /var/qmail/bin/cmd5checkpw /var/qmail/bin/true


You may want to log into your Plesk and go to Server > Mail > White List. If you have the default 127.0.0.1/8 in your White List you are effectively running an open relay. Remove that one and change it to 127.0.0.1/32 (changing the subnet mask to 32 from 8). Why SWsoft have not fixed this yet is unknown.


I still have not found a good way to stop double-bounce messages filling up the qmail queue. This is something that I think SWsoft must address. IMHO, there should be a setting such that rejected emails are sent to /dev/null. At the moment the best solution I have is to install qmHandle.


http://sourceforge.net/projects/qmhandle


and run a cronjob, say every 2 hrs, to qmHandle -S"failure notice". qmHandle may have a problem finding the pidof command, so I edited it to include a direct path to pidof. At any rate, qmHandle is a very useful tool for working with qmail.


my ($pidcmd) = '/sbin/pidof qmail-send';


We also added


nameserver 127.0.0.1


as the first nameserver in /etc/resolv.conf and I think it improved performance.



Other useful security fixes you may consider are:


If in /etc/named.conf there is no option for


allow-recursion {

localnets;

};


Then you could add the following line to the options section in your file:


allow-recursion {127.0.0.1; ... all the server ips ....;};



and add this to the options section to stop the version being broadcast:


version "Dunno";


and add this to stop logging lame servers


// Logging

logging {

category lame-servers { null; };

};



Also you can stop root login. Be careful with this so you don't lock yourself out! Make sure you can log in as the wheel user and su from that user to root before you proceed. We added a new user to the wheel group and then I edited /etc/ssh/sshd_config and made the following changes:


Protocol 2

PermitRootLogin no

AllowUsers thewheeluseryousetup


-----

Plesk RBLs


Firstly, you can instead of using the individual lists just use zen.spamhaus.org, which encompasses SBL, XBL and PBL. I see that you are also rejecting any mails that return SPF fail. 








-----------------------------------




Sendmail


-To enable the submission port 587, add the following to the sendmail.mc file:


DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl


$ make

$ service sendmail restart



-To enable AUTH LOGIN

http://www.madboa.com/geek/sendmail-auth/


edit the sendmail.mc file:


define(`confAUTH_OPTIONS', `A p')dnl

dnl

TRUST_AUTH_MECH(`LOGIN PLAIN')dnl

define(`confAUTH_MECHANISMS', `LOGIN PLAIN')dnl


....and be sure 'saslauthd' is running!



-Telnet SMTP test with Authentication

http://www.webpan.com/customers/email/smtp_authentication_telnet_test.htm









