Utilities: Administration: Server: Server Settings: Security: Spam Blocking

 

ListManager email addresses (such as join and list addresses) may be spammed like any other email address. These settings allow you to evaluate email being received by the ListManager server to determine whether it is legitimate or spam.

 

SPF level

ListManager can use SPF (Sender Policy Framework) to check incoming messages for spam. ListManager can examine the MAIL FROM: header during the SMTP transaction (or the HELO string if there is no From: header) and perform a DNS lookup on the domain to see if the computer sending the message is approved.

 

More information about SPF checks may be found at http://spf.pobox.com/ ; the RFC proposals for this standard may be found at http://spf.pobox.com/draft-mengwong-spf-01.txt.

 

SPF checking is still in an "early adoption" stage, and may cause stalled mailings or crashes under load. Please report any problems believed to be related to running ListManager with SPF authentication to spf-bugs@lyris.com.

 

The following SPF levels are available:

 

Off (default)

No SPF checking is performed.

 

Add Received-SPF header

ListManager checks incoming mail against SPF rules, and adds a Received-SPF: header to the message visible in Mailings: Mailing Status: Mail Queues: Mail Queue -- Incoming. Example:

 

Received-SPF: pass (mail.example.com [192.168.0.4] <joebob@example.com>)

 

Temporary Error from DNS

If an error is received while evaluating DNS information for SPF, ListManager rejects the message with a 450 message (transient error) and disconnects. The connecting mail server may then retry the message later.

 

Reject on FAIL

Rejects messages that fail the SPF check. These messages will not appear in Mailings: Mailing Status: Mail Queues: Mail Queue -- Incoming, but a record of the rejection will be available in Utilities: Administration: Server: Debug Logs if the incoming trace option is selected.

 

Reject on SOFTFAIL

In addition to rejecting messages that FAIL, also rejects messages that SOFTFAIL the SPF check. The SOFTFAIL status is for messages that the DNS record can not confidently identify as a forgery.

 

These messages will not appear in Mailings: Mailing Status: Mail Queues: Mail Queue -- Incoming, but a record of the rejection will be available in Utilities: Administration: Server: Debug Logs if the incoming trace option is selected. This option is not recommended, but available for ListManager administrators who want to only accept mail that pass SPF rules.

 

Reject on NEUTRAL

In addition to rejecting on FAIL and SOFTFAIL, also rejects messages that are NEUTRAL from the SPF check. The NEUTRAL status is for domains that specify a neutral value, or for checks that cannot pass or fail the SPF check.

 

These messages will not appear in Mailings: Mailing Status: Mail Queues: Mail Queue -- Incoming, but a record of the rejection will be available in Utilities: Administration: Server: Debug Logs if the TRACE option is selected. This option is not recommended, but available for ListManager administrators who want to only accept mail that pass SPF rules.

 

Enable blocking-mode SPF

Specifies whether ListManager should wait until SPF processing is completed before accepting or rejecting mail. By default, this setting is set to "no", meaning ListManager will wait at most 30 seconds for SPF results. If this length of time has passed and no SPF results have been returned, it will accept the current message but will use the SPF results returned (and cached) for future messages.

 

If set to "yes", ListManager will wait until SPF results have been returned before proceeding with further processing of the message. Incoming mail processing may be slowed by SPF checks, and some connecting mail servers may disconnect during the SMTP transaction if no response is given for a long time.

 

Check join mail for spam

Specifies whether ListManager should check email to list subscribe addresses for lengthy messages characteristic of spam. By default, this setting is "no", meaning ListManager will not check the length of subscription email messages.

 

Typically, subscription email

 

It is recommended that you leave it this way initially, and only make adjustments as necessary depending on the amount of spam and unwanted email you begin to receive, and the size of these messages.

 

If set to "Yes", join requests may be rejected based on the number of body lines set.

 

When a message is rejected, an error message will be sent to the sender informing them that the email is too long, with instructions on what to do. Included in this message will be the following:

 

Diagnostic-Code: smtp;554 mail sent to subscribe address is too long - looks like spam!
Send a blank email to subscribe (no long signatures!).

           

Max subscribe mail body lines (text messages)

Sets the maximum number of plain-text lines permitted in the body of a join request email.

 

The default number of text lines is 6. If set to "Yes" above, emails to the subscribe address with more than 6 text lines will be rejected. Note that this is a very conservative number; remember that email signatures sometimes add lines.

 

Max subscribe mail body lines (HTML messages)

Sets the maximum number of HTML lines permitted in the body of a join request email.

 

The default number of HTML lines is 16. If Check join mail is set to "Yes" above, subscription emails with more than 16 HTML lines will be rejected. Note that this is a very conservative number; remember that email signatures sometimes add lines.

 

Also note that if any HTML is detected in the message, each line is scanned for "<a href" to see if there are any image tags. No subscribe request should include image tags, so if one is found, the message is immediately marked as being spam.

 

Allow name match

This is a server-wide setting, enabled "Yes", or disabled "No" here. This allows or rejects the ability to post messages to the list based on recognition of the member name (rather than the email address). For smaller lists it is OK to allow name matching, but for larger lists, it is advised to leave this set to "No". This default for this feature is set to off, or "No".

 

 

 

More

 

1. Utilities: Administration: Server: Server Settings

1. Utilities: Administration: Server: Server Settings: Security: User Limits

2. Utilities: Administration: Server: Server Settings: Security: Bans

3. Utilities: Administration: Server: Server Settings: Security: Web

4. Utilities: Administration: Server: Server Settings: Security: GUI Hosts

5. Utilities: Administration: Server: Server Settings: Security: Spam Blocking

 

 

 

 


Utilities: Administration: Server: Server Settings: Security: GUI Hosts Utilities: Administration: Server: Server Settings: Automatic Maintenance: Error Mail