I have a couple questions for the community.

I work for a design firm and we do quite a bit of web development. We noticed since we switched to Myriad that we don't receive form mail. For example, when we code a form for a clients site and use our e-mail address to test the form output we never receive the emails. When we put a 3rd party email address in (gmail, yahoo, etc) they come through fine.

Any ideas what could be causing this? Are there some configs I can edit?

Also, spam has been off the wall since we switched, what are the best ways to combat spam on a default VDS installation. What steps do you take?

Thanks!

Ryan
Pendergraphics Design Group, LLC

I have a couple questions for the community.

I work for a design firm and we do quite a bit of web development. We noticed since we switched to Myriad that we don't receive form mail. For example, when we code a form for a clients site and use our e-mail address to test the form output we never receive the emails. When we put a 3rd party email address in (gmail, yahoo, etc) they come through fine.

Any ideas what could be causing this? Are there some configs I can edit?


My suggestion would be to tail your mail logs to see if anything is passing through and being rejected, deleted, etc. Head to /var/log and tail -f exim_mainlog while sending a message through the form.

You should see something hit the logs right away and shed some insight into the issue.

Also, spam has been off the wall since we switched, what are the best ways to combat spam on a default VDS installation. What steps do you take?

Thanks!

Ryan
Pendergraphics Design Group, LLC

We've been using SpamAssassin for a couple of months now and it's working miracles. We used to get a real high volume of spam, but SA has cut back on that significantly.

There is another one that I've heard great thing about, but haven't had the chance to really use it in a busy environment known as ASSP (http://assp.sourceforge.net/). That may be worth checking out.

Here is what tail says:

2007-03-06 17:43:49 H=(k2smtpout02-02.prod.mesa1.secureserver.net) [64.202.189.91] F=<anonymous@ip-208-109-26-109.ip.secureserver.net> rejected RCPT <jryan@************.com>: Sender verify failed

Looks like it's trying to verify the sender e-mail, and obviously there is none because it is a form. Is there a setting, that you know of, I can change to let this be a little bit more lenient?

Thanks!
Ryan

Here is what tail says:

2007-03-06 17:43:49 H=(k2smtpout02-02.prod.mesa1.secureserver.net) [64.202.189.91] F=<anonymous@ip-208-109-26-109.ip.secureserver.net> rejected RCPT <jryan@pendergraphics.com>: Sender verify failed

Looks like it's trying to verify the sender e-mail, and obviously there is none because it is a form. Is there a setting, that you know of, I can change to let this be a little bit more lenient?

Thanks!
Ryan

I believe you can place some information in your script that will determine where the mail is coming from, rather than a random from; as noted in your output.

I'm not a very good coder at all, so I suggest googling something along the lines of "sender verify failed form mail" and see if that brings anything up.

In addition to what Ryan said, you can also disable sender verify callouts in WHM if necessary, although that could result in receiving more spam. It can only be disabled globally, for all accounts. Alternately, you can add a whitelist for secureserver.net if you'd like. You can find instructions on how to achieve this here: http://forums.cpanel.net/showpost.php?p=280033&postcount=21

Basically the way sender verify callouts work is that when someone attempts to send you an email, your server will connect back to their mailserver and attempt to send a bounce message by using a null envelope as the sender address (it does not actually complete the process of sending a bounce message, however). The flow of the conversation would look like this:

1. bob@domain.com connects to your server on port 25 to send an email to you@yourserver.com

2. your server connects back to the mailserver for domain.com on port 25. If the connection is not successful, the sender verify will fail

3. if the connection is successful, your server issues the "HELO yourserver.com" command
4. your server then issues a "mail from:<>" command
5. your server then issues a "rcpt to:<bob@domain.com>" command

If bob@domain.com exists, the remote mailserver will return a status code of 250, indicating that it is now ready for you to send email to bob@domain.com. If the mailserver does not return a "250", then bob@domain.com likely does not exist. Thus, the sender address was likely forged, and Exim will not allow bob@domain.com to complete sending the email to you@yourserver.com

With whitelisting, you can tell Exim to disregard any sender verify callout fails, as it will still let the email through anyway, despite the callout failing.



In regards to the spam issue, SpamAssassin is highly effective as previously mentioned. Something else you may be interested in is "nolisting". You can find more information on that here: http://www.joreybump.com/code/howto/nolisting.html The gist is that you would use an unused IP address on your server, and create a primary MX record in the zone for your domain(s) that makes use of that IP address. Your valid MX record would then need to be a lesser preferred record. The idea is that most spammers only try the primary, and due to sending from non RFC compliant mailers, will simply give up when a connection cannot be established. RFC compliant mailers, however, will try all MX records listed in DNS in order of preference. Thus, losing valid email using this method should never be cause for concern.

That's a somewhat oversimplified version of how it works, but for the most part that's all there is to it. If you give this a shot, let us know how it works out, and be sure to read the link I mentioned and understand every detail it mentions. I'll note that SpamAssassin alone, however, will probably be more than sufficient due to its effectiveness.

Jeff and Ryan,

Thanks for the quick responses.

I seemed to fix the "failed to verify sender" by editing the exim config to not do the check.

Now, the problem with my SpamAssassin is that there is no Procmail installed. After reading up on SpamAssassin it seems that SpamAssassin is doing its job right but SpamAssassin doesn't do anything with the mail it finds as spam, it gets sent to the user no matter what - that's where Procmail comes in. It does further processing of the mial and actually throws it in a spam folder and the user never sees it.

I was pretty excited to see a Procmail RPM in my WHM. But when I went to install it nothing happened. Does that RPM installation script thing work?

Thanks!
Ryan

It works as far as I know. It could be that the RPM database is corrupt or something along those lines. If there isn't any output and nothing seems to be happening, it would be best to resort to the command line. As root, run this:

rpm -qa | grep procmail

If you don't get any output, procmail is not installed. To install it:

yum install procmail


If you run into any issues, please submit a ticket via our portal at my.myriadnetwork.com, and be sure to include your 3 digit VEID as well as login information.

Word. I'll give it a try.

Thanks!
Linux Newb