Category: Linux

SPF Finally implemented

Finally got round to implementing SPF (Sender Policy Framework for the uninitiated) on the mail server. This should hopefully cut down on the recent bursts of “backscatter” from spam. I am also planning on adding SPF records for the main Demon account, as that was badly hit with backscatter from MyDoom.A way back, and may well suffer again!

For information on SPF, check out this site.

Adding SPF checks to SpamAssassin was absolutely trivial – install the Mail::SPF::Query perl module! In the case of this server it was just a quick apt-get away (gotta love Debian).

Just as a quick note: I have seen many sites claiming that SPF doesn’t work as it should to prevent spam. In response to those claims, I would suggest that people actually check what it does claim. It merely helps prevent “spoofing”, nothing else, and if used correctly, does work (in my case, spoofed messages have a raised SA score, and are more likely to go into the spam-bucket). End result is no lost mail, and as I know which hosts send mail for the domain, less backscatter (if others use SPF sanely!)

Exim alias lookups

After much pulling of hair, gnashing of teeth, searching on Google, etc…
I have finally got the /etc/aliases file under control :)
As some background, all mail historically went to the one mailbox, and was separated out by the client, and all was good with the world. Then I set up a proper mail server, with more than one mailbox, and everything got silly. Due to the huge range of local usernames we have used (mainly to track who is selling the data), the aliases file was getting beyond what I think of as reasonable.
It finally hit me that we were separating the mail using regexp, and the first 2 or 3 characters was enough to identify the intended destination. Armed with this (bloody obvious) insight, I started looking at getting exim to parse regexps in /etc/aliases. First port of call was to switch from lsearch to wildlsearch, which was great, until I noticed everything was falling through to the catchall mailbox! Rolled the changes back (that’s what notes are for, after all), and left it on a back-burner for a while.
Suddenly (at about 23:00!) I recalled seeing something about “real_local” (yes, I can be somewhat dense at times). Five minutes later, I have it working exactly as planned :)
Of course, that five minutes should have happened in the first place, but at least I got there!

For the record, the settings are:
/etc/exim4/conf.d/router/400_exim4-config_system_aliases:
data = ${lookup{$local_part}lsearch{/etc/aliases}}
becomes
data = ${lookup{$local_part}wildlsearch{/etc/aliases}}

/etc/aliases:
^user.*: real-user

Powered by WordPress & Theme by Anders Norén