Register a domain and help support LQ
Go Back > Forums > Linux Forums > Linux - Server
User Name
Linux - Server This forum is for the discussion of Linux Software used in a server related context.


  Search this Thread
Old 09-09-2007, 03:26 AM   #1
Registered: Mar 2005
Location: India
Distribution: RHEL 3/4, Solaris 8/9/10, Fedora 4/8, Redhat Linux 9
Posts: 237
Blog Entries: 1

Rep: Reputation: 34
Fighting Spam & Removing Blacklisting - Tips

Most of the tips will apply irrespective of which mail server you are using. I am using Qmail.
Also refer second post with each point.

1. Install Razor, which works in co-ordination with Spamassassin.
Link :
Vipul's Razor is a distributed, collaborative, spam detection and filtering network. Through user contribution, Razor establishes a distributed and constantly updating catalogue of spam in propagation that is consulted by email clients to filter out known spam. Detection is done with statistical and randomized signatures that efficiently spot mutating spam content. User input is validated through reputation assignments based on consensus on report and revoke assertions which in turn is used for computing confidence values associated with individual signatures.

2. Remove Catchall Email addresses from all of the domains hosted on Linux Servers.
Set default mail settings to "Reject" on all domains.

3. Add PTR records [ Reverse DNS entries ] for all the IP addresses of your server.

4. Add SPF record for your hosted domains.
Link :

6. Subscribed to Microsoft SNDS service and add your IP address to monitor spam generation from your IP address.
Link :

7. Check for blacklisting of Primary IPs of production servers on following RBLs monthly basis.
And Goolge for many more...

8. Check for Weak passwords and Email Redirects( other than same domain) on your server. Try to reduce them. Due to Email Redirects to,, and other networks, spams sent through redirected address will be treated as generated from your server and may blacklist your server ip.

Blacklist Removal links
For MSN/ :

For :
In order for us to allow incoming e-mails from this domain / e-mail address, you will need to e-mail with the following information:
1. A copy of the bounced e-mail notification with full headers.
2. SMTP server log (given by the mail administrator).

For :

For :
Comcast provides this email address to be removed from the Comcast blacklist:
Just email them with your IP address in the body of the message. Within minutes, or perhaps an hour, you will be removed. Some people have reported it takes 24 hours, but my experience on a Sunday afternoon, is that it took a matter of 30 minutes. First, and automated response was sent back saying they received your email. Next, and automated response is sent back stating that they removed your IP, and why it was blacklisted.

For :
Check blacklisting for your IP from following link.
If listed, Fill whitelisting request.

Custom Rules generation for Spamassassin
Spam rules generator on the Keyword basis:

Tips and Examples on how to add rules :

How to's add spamassassin rules :

Last edited by p_s_shah; 09-16-2007 at 03:24 AM. Reason: Updated content
Old 09-16-2007, 03:18 AM   #2
Registered: Mar 2005
Location: India
Distribution: RHEL 3/4, Solaris 8/9/10, Fedora 4/8, Redhat Linux 9
Posts: 237
Blog Entries: 1

Original Poster
Rep: Reputation: 34
Fighting Spam & Removing Blacklisting - Tips II

First of let me clear that all of the above steps are in addition to Qmail/Sendmail + Antispam(SpamAssassin) + Antivirus.

Let me explain each of the above point in some detail.

1. How razor works ?
Razor contains database of spam mails with signature, submitted manually by Email users. Every mail in your mailbox is checked against Razor's database, and if the mail found in database, marked as spam.
Razor can be used in two modes:
In Passive mode, you are just using database of Razor to reduce spam mails.
In Active mode, you are registering yourself with razor using razoradmin and submit spam mails to add them into Razor database.

2. What is catchall and "Reject" ?
For example, you are hosting mail service of A mail comes for a user called Now, doesn't exist on While using Qmail, you are having three options for mails to

a. Bounce message with subject - A bounce back message will be sent to "From" email id. This option is best for spammers.
Spammer send a mail from ( non-existence account on yahoo ) to Mail server of will send bounce back message to will send bounce back to This way it will create a loop of mails, which stuck up mail queue on Mail server of and slows down mail delievery.

b. Catchall email - All the mails to nonexist user for this domain will be delievered to this email-id. From above scenario just imagine how much mails user with catchall email address will receive.

c. Reject - Do not accept mail for nonexistence user. ( Best Option ) Mail server of won't accept mail for nonexistence user for queueing.

Similar option may exist with Sendmail and other MTA.

3. Nothing more to say about PTR records. Some Mail Service provider check whether IP address corresponding to your mail sever is mapped back to some domain or not. If you are using hosting multiple sites on single IP, Add PTR record for any domain hosted on that IP.

4. "Sender Policy Framework (SPF) is an attempt to control forged e-mail. SPF is not directly about stopping spam junk email. It is about giving domain owners a way to say which mail sources are legitimate for their domain and which ones aren't." MSN and some other Hosting provider checks SPF record for checking whether mail is generated from authenticated IP or not. You can generate SPF record for your domain form
Link :

8. Now a days, most of the Mail Servers use SMTP authentication. But due to weak password, if any password of any mail id is cracked, a spammer can send thousands of mails using a simple script. is redirected to Any mail deilevered to will be delivered to Consider a case when is catchall email address for the domain, all the spam mails will be forwardred to But in case of redirected id, all the email addressed considered to be generated from's mail server, which result in blacklisting of's mail server.

I will post some email headers, in case of blacklisting by various Mail servers in next post.


blacklist, catchall, spam

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Spam Server Tips - Block Spam With Iptables tbeehler Linux - Software 2 08-24-2007 11:54 AM
LXer: Fighting Link Spam: This Time It's Personal LXer Syndicated Linux News 0 10-27-2006 10:21 PM
LXer: This week at LWN: Fighting image spam LXer Syndicated Linux News 0 08-24-2006 09:54 PM
LXer: Fighting Spam with Qmail (III) LXer Syndicated Linux News 0 04-01-2006 06:21 PM
Fighting Spam With KMail Judland Linux - Newbie 2 08-06-2003 01:33 AM

All times are GMT -5. The time now is 01:49 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration