Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 1 subscriber
  • Views 1475 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Where's the blackhole option for spam in V7

FrancWest
Hi,

where has the blackhole option moved to for spam in ASL7. As far as I can see only Warn and Quarantine are available. This will cause a major increase of message in the quarantine and nearly impossible to manage quarantine. with ASL6 we already had many false positives, but since mails with a high SCL were blackholed, this was managable. However, now that the blackhole option for spam looks gone in ASL7 this will increase quarantined messages a lot.

Franc.


This thread was automatically locked due to age.
  • 0
    Cause the antivirusengine and the spamassassin is no longer runing within the smtp-live-session, the email is accepted, and scanned afterwards, no blackhole possible I think.

    Try to use greylisting, ther will be nearly no Spam anymore.

    Sven

    Astaro user since 2001 - Astaro/Sophos Partner since 2008

  • 0 in reply to maygyver
    Does greylisting also work when using a fall back mailserver by the ISP ? So primary MX record is set to our mail server and secondary MX record is the ISP's mail server.

    Franc.
  • 0 in reply to FrancWest
    Hi,

    greylisting is only working when all MX records have activated greylisting.
    Otherwise your primary will greylist the email, the sending email server might connect to secondary mx. Spammer often uses the MX record with the highest value, cause often the secondary is not as good maintained as the primary.

    Sven

    Astaro user since 2001 - Astaro/Sophos Partner since 2008

  • 0 in reply to maygyver
    Greylisting isn't stopping thousands of spams with .pdf attachments pumping junk stocks, each one from a different return address, IP, and server.  Did Astaro also take away the ability to manually mass delete all emails from the quarantine with scores over a certain number?  Both v.5 and v.6 had that option.  I don't understand why there are so many backwards steps with v.7.  Did the lead programmer retire and some new inexperienced kid take over?
  • 0 in reply to masliah
    As per the V7 release notes, ftp://ftp.astaro.com/pub/Astaro_Security_Linux/iso_image/i386/v7.0/ASGV7_ReleaseNotes.pdf , page 11. 
     
    [FONT=TTE1BA02A0t00][SIZE=4][LEFT]Temporarily removed features[/LEFT]
    [/SIZE][/FONT][FONT=TTE1B957F8t00][SIZE=2][LEFT]Some features have only been removed temporarily, for instance:[/LEFT]
    [/SIZE][/FONT][FONT=Helvetica][SIZE=2][LEFT]- [/SIZE][/FONT][SIZE=2][FONT=Times New Roman]ICSA and CC mode[/FONT][/LEFT]
    [/SIZE][FONT=Helvetica][SIZE=2][LEFT]- [/SIZE][/FONT][SIZE=2][FONT=Times New Roman]Detailed network accounting[/FONT][/LEFT]
    [/SIZE][FONT=Helvetica][SIZE=2][LEFT]- [/SIZE][/FONT][SIZE=2][FONT=Times New Roman]Logfile searching and filtering[/FONT][/LEFT]
    [/SIZE][FONT=Helvetica][SIZE=2][LEFT]- [/SIZE][/FONT][SIZE=2][FONT=Times New Roman]More detailed reporting generator[/FONT][/LEFT]
    [/SIZE][FONT=Helvetica][SIZE=2][LEFT]- [/SIZE][/FONT][FONT=TTE1B957F8t00][SIZE=2][FONT=Times New Roman]Blackhole spam emails depending on threshold[/FONT][/LEFT]
    These features will be included again within a future V7 release.
    [/SIZE][/FONT] 
    So, blackholing will be back ... someday.
    __________________
    ACE v8/SCA v9.3

    ...still have a v5 install disk in a box somewhere.

    http://xkcd.com
    http://www.tedgoff.com/mb
    http://www.projectcartoon.com/cartoon/1
Cookie Information Banner