Template:Configuration - Validate Sender

From ASSPSMTP

based upon version 1.3.5(9.18)

Use the Helo Blacklist (useHeloBlacklist)

Use the list of blacklisted-helo hosts built by rebuildspamdb.

0 = disabled, 1 = block, 2 = monitor, 3 = score

Score Suspicious Helos (DoIPinHelo)

Score servers with IP number in Helo and check for mismatch with sending IP

0 = disabled, 2 = monitor, 3 = score.

Enforce Early Check of Forged Helos (ForceFakedLocalHelo)

If set, ASSP will check Forged Helos before DELAYING. Collecting, Testmode, CopySpam, Spam-Lover is ignored.

Block Forged Helos (DoFakedLocalHelo)

Block remote servers that claim to come from our Local Domain/Local IP's/Local Host.

0 = disabled, 1 = block, 2 = monitor, 3 = score.

Do Not Block Whitelisted (DoFakedWL)

Disable "Block Forged Helo's" for whitelisted addresses (not recommended).

Do Not Block Noprocessing (DoFakedNP)

Disable "Block Forged Helo's" for addresses identified as noprocessing (not recommended).

Local IP's and Hostnames* (myServerRe)

Local IP's and Hostnames are often use to fake (forge) the Helo. Include all IP addresses and hostnames for your server here, localhost is already included.

For example: 11.22.33.44|mx.YourDomains.com|here.org

Don't Validate HELO for these IP's* (noHelo)

Enter IP addresses that you don't want to be HELO validated.

For example: 127.0.0.1|192.168.

Don't block these HELO's* (heloBlacklistIgnore)

HELO / EHLO greetings on this list will be excluded from the HELO checks.

For example: host123.isp.com|host456.isp.com

Do Country Code Lookup (DoSenderBase)

If activated, each sending IP address has it's assigned country looked up. This requires an installed Net::SenderBase module in PERL.

0 = disabled, 2 = monitor, 3 = score

Suspicious Country Codes* (CountryCodeRe)

Messages from IP's based in these countries will increase the MessageScore.

For example: CN|KR|RU|JP

Home Country Codes* (MyCountryCodeRe)

Put here your own country code(s) (for example: US). Messages from IP's based in these countries will decrease the MessageScore. Messages from IP's based in other countries will increase the MessageScore.

Country Cache Refresh Interval (SBCacheInterval)

IP's in cache will be removed after this interval in days. 0 will disable the cache.

Enforce Early Helo Checks (ForceValidateHelo)

If set, ASSP will Validate/Invalidate Format of HELO before DELAYING. Collecting, Testmode, CopySpam, Spam-Lover is ignored.

Validate Format of HELO (DoValidFormatHelo)

If activated, the HELO is checked against the expression below. If the Regular Expression matches, the HELO is validated as being ok.

0 = disabled, 1 = block, 2 = monitor, 3 = score

Regular Expression to Validate Format of HELO* (validFormatHeloRe)

Validate Format HELO will check incoming HELOs according to rfc1123.

For example: ^(([a-z\d][a-z\d\-]*)?[a-z\d]\.)+[a-z]{2,6}$

Invalidate Format of HELO (DoInvalidFormatHelo)

If activated, the HELO is checked against the expression below. If the Regular Expression matches, the HELO is invalidated as being not ok.

0 = disabled, 1 = block, 2 = monitor, 3 = score

Regular Expression to Invalidate Format of HELO* (invalidFormatHeloRe)

Invalidate Format HELO will check incoming HELOs for this.

For example: ^\d+\.\d+\.\d+\.\d+$|^[^\.]+\.?$,

You may try a sharper one: \d+\.\d+\.\d+\.\d+$|^[^\.]+\.?$|\d{1,3}(\.|-|x)\d{1,3}(\.|-|x)\d{1,3}|dynamic|ddns|dns\.org$

Do Valid/Invalid/Black Helo for Whitelisted (DoHeloWL)

Do valid/invalid Helo for whitelisted addresses.

Do Valid/Invalid/Black Helo for Noprocessing (DoHeloNP)

Do valid/invalid Helo for noprocessing addresses.

Enforce Early Check of Remote Sender with Local Domain Address (ForceNoValidLocalSender)

If set, ASSP will check Remote Sender with Local Domain Address before DELAYING. Collecting, Testmode, CopySpam, Spam-Lover is ignored.

Validate Remote Sender with Local Domain Address (DoNoValidLocalSender)

If activated, each remote sender with a local domain is checked against the Local Addresses File and/or LDAP.

0 = disabled, 1 = block, 2 = monitor, 3 = score

Block All Remote Sender with Local Domain Address (DoNoSpoofing)

If activated, each remote sender address with a local domain is blocked.

Do Local Addresses Check for Local Sender (DoLocalSender)

If set local sender must be a valid local address.

Reversed Lookup (DoReversed)

If activated, each sender IP is checked for a PTR record. This requires an installed Net::DNS module in PERL.

0 = disabled, 1 = block, 2 = monitor, 3 = score

Do Reversed Lookup for Whitelisted (DoReversedWL)

Do reversed lookup for whitelisted addresses.

Do Reversed Lookup for Noprocessing (DoReversedNP)

Do reversed lookup for noprocessing addresses.

Reversed Lookup FQDN (DoInvalidPTR)

If activated - and Reversed Lookup is activated -, the PTR-FQDN record is checked against the Regex. This requires an installed Net::DNS module in PERL.

0 = disabled, 1 = block, 2 = monitor, 3 = score

Regular Expression to Invalidate Format of PTR* (invalidPTRRe)

Validate Format PTR will check PTR records for this.

For example: ^\d+\.\d+\.\d+\.\d+$|^[^\.]+\.?$ or file:files/invalidptr.txt

Regular Expression to Validate Format of PTR* (validPTRRe)

Validate Format PTR will check PTR records for this.

For example: static or file:files/validptr.txt

Reversed Lookup Cache Refresh Interval (PTRCacheInterval)

IP's in cache will be removed after this interval in days. 0 will disable the cache.

Validate MX or A Record (DoDomainCheck)

If activated, each sender address is checked for a valid MX or A record.

0 = disabled, 1 = block, 2 = monitor, 3 = score

Validate Domain MX Cache Refresh Interval (MXACacheInterval)

IP's in cache will be removed after this interval in days. 0 will disable the cache.

Sender Validation Error (SenderInvalidError)

SMTP error message to reject invalid senders. The literal REASON is replaced by (missing MX, missing PTR, invalid Helo, invalid user) depending on the check.