Also see the manual section on Spam.
For general information on Anti-Spam features in DMail see, Spam Rules
The following settings all relate to Anti-Spam features:
forward_from_ip
relay_to
forward_user
fromip_max
fromip_nolimit
max_rcpts
msg_filter
ban_ip
Note: this is a non-exhaustive list - we are coming up with new anti-spam features all the
time. Our support staff can help you
choose the best settings for your server.
Sending mail to non-local users - relaying - is allowed by defaut by DSMTP. To restrict such relaying, you should add various Relaying Restrictions in dmail.conf. See the Relaying Restrictions
section of the main manual.Note: In 2.8 versions and above, the DMSetup utility will add,
forward_from_ip 127.0.0.1,x.x.x.*
where x.x.x is the first 3 parts of your machine's IP address. This limits relaying to
users sending from IP addresses 127.0.0.1 or that start with x.x.x .
In order to allow this customer to relay out to the world there are these options... (often you will run a mixture of them)
Side-effect: This creates a relaying hole for any spammer who is also connecting from that range of ip addresses - probably not very likely.
Side-effect: creates a relaying hole for spammers who are pretending to be from their.domain.com, which is easy to do.
NB: if you have this setting for your main domain then Open Relay Databases like ORBS will almost certainly add you to their 'bad servers' list!
NB: this handling of this system was improved greatly in version 2.8m. It worked fine for medium sized servers but became inefficient on large servers where the window was set large, e.g. 1-2 days.
NB: adding this setting will mean that some email clients, like Netscape Mail, force the users to turn on SMTP AUTH. Generally this is not a problem, as Netscape Mail instructs them on how to do it, but it may be confusing to some users.
If you are using the forward_user system as well, you should probably set the setting
hide_auth recentpop
We also have a new proxy widget called SmtpAuth (currently only in windows beta form) which takes a username and password to authenticate to an SMTP server with.
So users with an email client that does not support the SMTP AUTH command can run this on their machine and point their client at it instead of directly at your smtp server. It then authetnicates to your server before sending on any mail feed to it.
If it is a whole domain coming through another trusted server then they could use the SmtpAuth proxy and feed all their outgoing mail through it. As we only have SmtpAuth on NT, their server would have to be running on NT. If their server is DSMTP, we are adding a setting so that DSMTP auths all connections to a given ip address. Therefore, they could run with that setting.
Also see the Relaying Restrictions section of the main manual.
DMail also allows restrictions to be placed on the volume of messages coming from a
particular IP number going through DSMTP per hour.
fromip_max: Restricts the number of messages per hour
that DSMTP will accept from an IP number.
fromip_nolimit: Permits exceptions to from_ip_max
for certain IP numbers. This applies to the IP number of the sender.
Message filtering is also available, though it should be used with care. DMail doesn't
do logic checks of them so it may be possible to accidently reject everything (!).
msg_filter: Gives a filename containing message
filtering rules. An explantion of those rules is at the other end of the link
You can also straight out ban anyone from a particular IP address from connecting.
ban_ip: Specifies an IP address that DSMTP may not talk
to.