MXScan - only scans mails from non-authenticated users

asterix193
Posts: 19
Joined: Sun Jan 08, 2006 2:15 am
Location: Germany - Stuttgart
Contact:

MXScan - only scans mails from non-authenticated users

Postby asterix193 » Wed Apr 22, 2009 8:17 pm

Hi,

does anyone know if MXScan scans mails from authenticated users? I am asking because I have got the inverted need!

I have to clarify that MXScan ignore these mails and scans only that ones that arrives without authentication. If MXScan ignore these mails - does anyone know how this is made? Where's the information for such a 3rd party tool (which is executed by the MTA-Agent), that an email if from an knwon/unknown user?

Thanks for your help.

Regards
Steffen

polarisie
Posts: 696
Joined: Mon Mar 27, 2006 2:58 pm

Re: MXScan - only scans mails from non-authenticated users

Postby polarisie » Thu Apr 23, 2009 3:32 am

asterix193 wrote:Hi,

does anyone know if MXScan scans mails from authenticated users? I am asking because I have got the inverted need!

I have to clarify that MXScan ignore these mails and scans only that ones that arrives without authentication. If MXScan ignore these mails - does anyone know how this is made? Where's the information for such a 3rd party tool (which is executed by the MTA-Agent), that an email if from an knwon/unknown user?

Thanks for your help.

Regards
Steffen


Hi

I am not exactly sure as to what you are asking? Are you talking about incoming emails (from an external email server) ?

cheers
MXSCAN :: AntiSpam & AntiVirus for MailEnable (now with Spamtrap/Honeypot!)
Built-in SpamAssassin, Clam, MessageSniffer, DNSBL, URLBL, DCC, Senderbase, SpamTrap, ShortCircuit, Content Filters, Disclamers, Archiving and more.
Visit www.mxuptime.com

asterix193
Posts: 19
Joined: Sun Jan 08, 2006 2:15 am
Location: Germany - Stuttgart
Contact:

Postby asterix193 » Thu Apr 23, 2009 7:13 am

Hi


Sorry. Of course, I have to explain a bit more.

I have the following setup: I've two mailservers, one backend and one smarthost server (backup mx).

-On the backup mx all e-mails where scanned by MXscan and smarthosted to the backend server. All mails to the backend where delivered by SMTP Auth.

-The backend server receives e-mail via the following possibilities: From the backup mx (SMTP auth), from e-mail-clients (also SMTP auth) and from the internet side from other public mail server (no auth).

At the moment only e-mails from unauthenticated users (only SMTP connector) where scanned on the backend server by a self developed script. In future I want to replace this solution with MXScan. But it's important that only e-mail from unauthenticated SMTP senders where scanned.

Regards

polarisie
Posts: 696
Joined: Mon Mar 27, 2006 2:58 pm

Postby polarisie » Thu Apr 23, 2009 8:46 am

asterix193 wrote:Hi


Sorry. Of course, I have to explain a bit more.

I have the following setup: I've two mailservers, one backend and one smarthost server (backup mx).

-On the backup mx all e-mails where scanned by MXscan and smarthosted to the backend server. All mails to the backend where delivered by SMTP Auth.

-The backend server receives e-mail via the following possibilities: From the backup mx (SMTP auth), from e-mail-clients (also SMTP auth) and from the internet side from other public mail server (no auth).

At the moment only e-mails from unauthenticated users (only SMTP connector) where scanned on the backend server by a self developed script. In future I want to replace this solution with MXScan. But it's important that only e-mail from unauthenticated SMTP senders where scanned.

Regards


What can you do is to just Whitelist the IP of the backup server on the BackEnd Server so that it does not scan the emails for junk

Cheers
MXSCAN :: AntiSpam & AntiVirus for MailEnable (now with Spamtrap/Honeypot!)

Built-in SpamAssassin, Clam, MessageSniffer, DNSBL, URLBL, DCC, Senderbase, SpamTrap, ShortCircuit, Content Filters, Disclamers, Archiving and more.

Visit www.mxuptime.com

asterix193
Posts: 19
Joined: Sun Jan 08, 2006 2:15 am
Location: Germany - Stuttgart
Contact:

Postby asterix193 » Thu Apr 23, 2009 9:04 am

Hi


Thanks for your answer.

This is not the problem. I know that your described warkaround can also be relized by setting the "Incoming Gateway Servers".

I'd like to check only e-mails from unauthenticated SMTP users/servers!

Working with whitelists is not suitable for me because my clients have changing dialup-IPs. This is why I can't use IP whitelists. Working with sender whitelists is also not suitable because this opens my system for spam mails with faked sender information.


Regard

polarisie
Posts: 696
Joined: Mon Mar 27, 2006 2:58 pm

Postby polarisie » Thu Apr 23, 2009 11:58 am

asterix193 wrote:Hi


Thanks for your answer.

This is not the problem. I know that your described warkaround can also be relized by setting the "Incoming Gateway Servers".

I'd like to check only e-mails from unauthenticated SMTP users/servers!

Working with whitelists is not suitable for me because my clients have changing dialup-IPs. This is why I can't use IP whitelists. Working with sender whitelists is also not suitable because this opens my system for spam mails with faked sender information.


Regard


Hi

When you say "unauthenthicated SMTP users/servers" are you referring to the following "AuthenticationStatus=0" which is found in ME's message command file?

cheers
MXSCAN :: AntiSpam & AntiVirus for MailEnable (now with Spamtrap/Honeypot!)

Built-in SpamAssassin, Clam, MessageSniffer, DNSBL, URLBL, DCC, Senderbase, SpamTrap, ShortCircuit, Content Filters, Disclamers, Archiving and more.

Visit www.mxuptime.com

asterix193
Posts: 19
Joined: Sun Jan 08, 2006 2:15 am
Location: Germany - Stuttgart
Contact:

Postby asterix193 » Thu Apr 23, 2009 1:00 pm

Hi,

ah ha! Yeah, we've got it! :-)

If an e-mail is directly delivered to my backend system (SMTP without auth) the flag ist set to "0". If the sender (mail client, my backup mx) uses SMTP auth the flag is set tp 1! Obvious!

And MXscan scans only these messages when AuthenticationStatus is set to "0"!?

OK, thanks for your support. I only thought about the execute command in the MTA agent. For me it was not clear how MXScan knows about the authentication status. It has not come to my mind that the status is stored in the command file.

Regards

Who is online

Users browsing this forum: No registered users and 5 guests