kapsobor

I recently ran into huge spam problems on a mailserver I'm running. Due to the fact that a couple of users auth via TLS I cannot simply use rblsmtpd on port 25.
and blocking the spam via spamassassin's RBL check within qmailqueue is way too slow for the amount I have to scan. The solution is obviously scanning for DNS blacklisted sites after SMTP AUTH command was sent - or to be precice after it wasn't. There are severel dnsbl patches available, but they need patching as I have already patched my qmail with jms's combined patchset. As I was not able to find a patched patch anywhere on the web, I hereby present to you a patched version of qmail-dnsbl.sf.net patch:

• qmail-dnsbl-20060130-jms1.6cg.patch
  This is the current dnsbl patch plus a logging feature that actually logs the blocked mta's in qmail-smtpd/current. This patch works with current jms1.6cg patch.

To apply the patch to the following:

tar xzf qmail-1.03.tar.gz
wget http://qmail.jms1.net/patches/qmail-1.03-jms1.6cg.patch
wget http://blog.kapsobor.de/warez/qmail-dnsbl-20060130-jms1.6cg.patch
cd qmail-1.03
patch -p1 < ../qmail-1.03-jms1.6cg.patch
patch -p1 < ../qmail-dnsbl-20060130.jms1.6cg.patch
make
[..]

After installation you should put some dnsbl lists into /var/qmail/control/dnsbllist, f.e.:

echo "sbl-xbl.spamhaus.org\ndul.dnsbl.sorbs.net" > /var/qmail/control/dnsbllist

And be sure to include AUTH_SET_DNSBLSKIP=1 in your smtpd-run-file to allow users from blacklisted sites to authenticate.