Global support and software for open source email servers, email marketing and email filters


Seven Layers of Protection

All incoming mail goes through these seven layers of protection:

1. Reverse DNS SMTP Check
2. Remote Black Hole SMTP Check
3. Recipient Check
4. Suspect Windows Virus BotNet Connections
5. Customer Sent Mail
6. Spam Reject
7. Virus Detection

Layer 1 Reverse DNS SMTP Check
The first layer runs a reverse DNS check on the sender's IP address to make sure it has a valid reverse DNS entry. The IPs of a mail server should have reverse DNS (PTR) entries. RFC 1912, section 2.1, says you should have a reverse DNS entry for all your mail servers. It has become increasingly common practice, and standard operating procedure, for mail servers not to accept mail from servers without a reverse DNS entry.

Layer 2 Remote Black Hole SMTP Check
The IP address of the sender is checked against "remote black hole" lists. We recommend and use sbl-xbl.spamhaus.org. This real-time list keeps track of IP addresses that have been reported and confirmed to be sending spam. The sbl part of the list tracks email servers sending spam. The xbl part of the list tracks machines that have been exploited and are sending spam. If the sender is on one of these lists, we reject the email during the SMTP conversation with a failure message. A failure message tells the sender not to attempt to send the email again.
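The connect-time decision described in layers 1 and 2, as an added example (not Inter7's or OpenEFilter's code). The `resolve` callback, the SMTP reply texts and the sample DNS data are assumptions constructed for illustration; only the zone name comes from the page.

```python
import ipaddress

DNSBL_ZONE = "sbl-xbl.spamhaus.org"  # the list named in Layer 2

def dnsbl_query_name(ip, zone=DNSBL_ZONE):
    """DNSBL convention: 203.0.113.5 is queried as 5.113.0.203.<zone>."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def connect_decision(ip, resolve):
    """Apply layers 1 and 2 to a connecting IPv4 address.

    resolve(name, rrtype) is a hypothetical caller-supplied lookup: it returns
    a list of answers, [] when no record exists, and raises TimeoutError when
    DNS itself fails. Returns (accept, reply); the reply texts are constructed.
    """
    try:
        # Layer 1: the client IP must have a PTR record.
        if not resolve(ipaddress.IPv4Address(ip).reverse_pointer, "PTR"):
            return False, "550 no reverse DNS for " + ip
        # Layer 2: look the IP up in the block list.
        answers = resolve(dnsbl_query_name(ip), "A")
    except TimeoutError:
        # A DNS outage says nothing about the sender: defer (4xx), don't reject.
        return False, "451 DNS lookup failed, try again later"
    # Listings are answers in 127.0.0.x; Spamhaus uses 127.255.255.x for query
    # errors, which must not be treated as a listing.
    if any(a.startswith("127.0.0.") for a in answers):
        return False, "550 " + ip + " is listed in " + DNSBL_ZONE
    return True, "220 ready"

# Constructed DNS data (documentation address ranges), so this runs offline.
FAKE_DNS = {
    ("10.2.0.192.in-addr.arpa", "PTR"): ["mail.example.org."],
    ("5.113.0.203.in-addr.arpa", "PTR"): ["host5.example.net."],
    ("5.113.0.203." + DNSBL_ZONE, "A"): ["127.0.0.4"],
    ("9.113.0.203.in-addr.arpa", "PTR"): ["host9.example.net."],
    ("9.113.0.203." + DNSBL_ZONE, "A"): ["127.255.255.254"],
}

def fake_resolve(name, rrtype):
    if name.startswith("99."):  # simulate an unreachable resolver
        raise TimeoutError(name)
    return FAKE_DNS.get((name, rrtype), [])

if __name__ == "__main__":
    for ip in ("192.0.2.10", "198.51.100.7", "203.0.113.5", "203.0.113.9", "192.0.2.99"):
        print(ip, connect_decision(ip, fake_resolve))
```

The 5xx replies correspond to the page's "failure message"; the 451 deferral on resolver failure is a design choice of this example, not something the page describes.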

Layer 3 Recipient Check
The third layer uses the chk-user patch to the qmail-smtpd daemon. It checks to make sure the recipient exists on the machine. It checks for email accounts, mailing lists and aliases. If none of these exist for the recipient then it rejects the email with a failure, telling the sender to not send the email again.

Without this layer, all incoming email is accepted. Any of the email which can't be delivered locally (no existing user accounts) is normally bounced back to the sender. The problem is, most spam sites do not accept the returned bounce message. This means the email will stay in the queue for days (default 7 days) and qmail will keep attempting delivery. The chk-user layer keeps all of this email off the machine.

Layer 4 Suspect Windows Virus BotNet Connections
The next layer takes a fingerprint of the packet to determine the source of the email. New sophisticated viruses, worms and bots (BotNet) turn PCs into rogue mailing machines on the Internet. Typical users aren't going to know about their presence. They operate quietly in the background on machines whose users unknowingly downloaded nasty programs. The infected computer then begins to send out spam without the knowledge of the owner. This makes them hard to spot if you're using only a few filtering techniques. The sudden appearance of new sources of spam also makes it more difficult for companies to rely merely on RBLs of known junk e-mail distributors. Multiple-source filtering is needed.

The explosion of image spam this year is largely due to an increase of BotNet Connections.

Layer 5 Customer Sent Mail
Next, the email is examined for customer-sent qualities. If valid, the customers are able to email with authority.

Layer 6 Spam Reject (Two Options DSPAM* and SpamAssassin)

  1. This stage happens when qmail delivers the email into a user's account. It is passed through SpamAssassin, which does content filtering. SpamAssassin picks up the global SpamAssassin preferences and then the user's individual preferences. If the email is identified as spam, it modifies the subject line, placing [SPAM] at the beginning of the subject. Users can configure their email clients to filter [SPAM] messages into the trash.
  2. * Recommended. DSPAM is a server-side statistical anti-spam agent for Unix email servers. It masquerades as the email server's local delivery agent and effectively filters spam using a combination of de-obfuscation techniques, specialized algorithms, and statistical analysis. The result is an administratively maintenance-free, self-learning anti-spam tool. DSPAM has yielded real-world success rates beyond 99.9% accuracy with less than a 0.01% chance of false positives.

Layer 7 Virus Detection
In the last step, the email is sent through the ClamAV antivirus scanning system. If the email contains a virus, an error message is passed up to the SMTP daemon, which returns a failure message to the sender. This keeps all viruses off the machine.

© 1998-2009 Inter7 Internet Technologies, Inc. 24/7 support. (815) 776-9465
May 24th, 2013 3:56am CDT