You are here: Utilities > Administration > Server > Server Settings: Security: Spam Blocking

Utilities: Administration: Server: Server Settings: Security: Spam Blocking

 

ListManager email addresses (such as join and list addresses) may be spammed like any other email address. These settings allow you to evaluate email being received by the ListManager server to determine whether it is legitimate or spam.

 


SPF

 

SPF level

ListManager can use SPF (Sender Policy Framework) to check incoming messages for spam. ListManager can examine the MAIL FROM: header during the SMTP transaction (or the HELO string if there is no From: header) and perform a DNS lookup on the domain to see if the computer sending the message is approved.

More information about SPF checks may be found at http://spf.pobox.com/; the RFC proposals for this standard may be found at http://spf.pobox.com/draft-mengwong-spf-01.txt .

 

The following SPF levels are available:

 

Off (default)

No SPF checking is performed.

 

Add Received-SPF header

ListManager checks incoming mail against SPF rules, and adds a Received-SPF: header to the message visible in Mailings: Mailing Status: Mail Queues: Mail Queue -- Incoming. Example:

Received-SPF: pass (mail.example.com [192.168.0.4] <joebob@example.com>)

 

Temporary Error from DNS

If an error is received while evaluating DNS information for SPF, ListManager rejects the message with a 450 message (transient error) and disconnects. The connecting mail server may then retry the message later.

 

Reject on FAIL

Rejects messages that fail the SPF check. These messages will not appear in Mailings: Mailing Status: Mail Queues: Mail Queue -- Incoming, but a record of the rejection will be available in Utilities: Administration: Server: Debug Logs if the incoming trace option is selected.

 

Reject on SOFTFAIL

In addition to rejecting messages that FAIL, also rejects messages that SOFTFAIL the SPF check. The SOFTFAIL status is for messages that the DNS record can not confidently identify as a forgery.

These messages will not appear in Mailings: Mailing Status: Mail Queues: Mail Queue -- Incoming, but a record of the rejection will be available in Utilities: Administration: Server: Debug Logs if the incoming trace option is selected. This option is not recommended, but available for ListManager administrators who want to only accept mail that pass SPF rules.

 

Reject on NEUTRAL

In addition to rejecting on FAIL and SOFTFAIL, also rejects messages that are NEUTRAL from the SPF check. The NEUTRAL status is for domains that specify a neutral value, or for checks that cannot pass or fail the SPF check.

These messages will not appear in Mailings: Mailing Status: Mail Queues: Mail Queue -- Incoming, but a record of the rejection will be available in Utilities: Administration: Server: Debug Logs if the TRACE option is selected. This option is not recommended, but available for ListManager administrators who want to only accept mail that pass SPF rules.

 

Enable blocking-mode SPF

Specifies whether ListManager should wait until SPF processing is completed before accepting or rejecting mail. By default, this setting is set to "no", meaning ListManager will wait at most 30 seconds for SPF results. If this length of time has passed and no SPF results have been returned, it will accept the current message but will use the SPF results returned (and cached) for future messages.

If set to "yes", ListManager will wait until SPF results have been returned before proceeding with further processing of the message. Incoming mail processing may be slowed by SPF checks, and some connecting mail servers may disconnect during the SMTP transaction if no response is given for a long time.

 

SPF Allowed IPs

The list of IP addresses that will automatically pass. In some environments, internal mail from MX backups or relay systems may fail the SPF test. This setting allows administrators to specify IP addresses that will automatically pass SPF. Enter single IP addresses, or IP address ranges. Example:

 

192.68.0.1
10.0.0.1-10.0.0.6

 


Join and Leave Mail

 

Check Join and Leave Mail for Spam

Specifies whether ListManager should check join and leave mail for lengthy messages characteristic of spam. By default, this setting is no.

 

Typically, such messages are quite short--one or two lines. However, some email clients may add additional formatting, or users may have a long signature for their messages.

 

When set to yes, join requests may be rejected based on the number of body lines set.

 

When a message is rejected, an error message will be sent to the sender informing them that the email is too long, with instructions on what to do. Included in this message will be the following:

Diagnostic-Code: smtp;554 mail sent to subscribe address is too long - looks like spam!
Send a blank email to subscribe (no long signatures!).

 

Max Join and Leave Mail Body Lines (Text Messages)

Sets the maximum number of plain-text lines permitted in the body of a join or leave request email.

 

The default number of text lines is 6. If set to "Yes" above, emails to the subscribe address with more than 6 text lines will be rejected. Note that this is a very conservative number; remember that email signatures sometimes add lines.

 

Max Join and Leave Mail Body Lines (HTML Messages)

Sets the maximum number of HTML lines permitted in the body of a join or leave request email.

 

The default number of HTML lines is 16. If Check join and leave mail for spam is set to "Yes" above, subscription emails with more than 16 HTML lines will be rejected. Note that this is a very conservative number; remember that email signatures sometimes add lines.

 

Also note that if any HTML is detected in the message, each line is scanned for "<a href" to see if there are any image tags. No join or leave request should include image tags, so if one is found, the message is immediately marked as being spam.

 


Command Mail

 

Check Command Mail for Spam

 

Specifies whether ListManager should check command mail for lengthy messages characteristic of spam. By default, this setting is no.

 

When set to yes, command mail may be rejected based on the number of body lines set.

 

When a message is rejected, an error message will be sent to the sender informing them that the email is too long, with instructions on what to do. Included in this message will be the following:

 

Diagnostic-Code: smtp;554 mail sent to subscribe address is too long - looks like spam!
Send a blank email to subscribe (no long signatures!).

 

Max Command Mail Body Lines (Text Messages)

Sets the maximum number of plain-text lines permitted in the body of a command email.

 

The default number of text lines is 6. If set to "Yes" above, emails to the subscribe address with more than 6 text lines will be rejected. Note that this is a very conservative number; remember that email signatures sometimes add lines.

 

Max Join and Leave Mail Body Lines (HTML Hessages)

Sets the maximum number of HTML lines permitted in the body of a command email.

 

The default number of HTML lines is 16. If Check command mail for spam is set to "Yes" above, subscription emails with more than 16 HTML lines will be rejected. Note that this is a very conservative number; remember that email signatures sometimes add lines.

 

Also note that if any HTML is detected in the message, each line is scanned for "<a href" to see if there are any image tags. No command email should include image tags, so if one is found, the message is immediately marked as being spam.


Name Match

 

Allow Name Match

This is a server-wide setting, enabled "Yes", or disabled "No" here. This allows or rejects the ability to post messages to the list based on recognition of the member name (rather than the email address). For smaller lists it is OK to allow name matching, but for larger lists, it is advised to leave this set to "No". This default for this feature is set to off, or "No".

More

1. Utilities: Administration: Server: Server Settings

1. Utilities: Administration: Server: Server Settings: Security: User Limits

2. Utilities: Administration: Server: Server Settings: Security: Bans

3. Utilities: Administration: Server: Server Settings: Security: Web

4. Utilities: Administration: Server: Server Settings: Security: GUI Hosts

5. Utilities: Administration: Server: Server Settings: Security: Spam Blocking

6. Utilities: Administration: Server: Server Settings: Security: Sessions