BCS-E 1 Posted May 23, 2016 Share Posted May 23, 2016 RBL lists are very efficient in filtering. Almost every SPAM sender is listed on an RBL list. All SPAM mails not recognized as SPAM by ESET should be filtered by the RBL lists set in ESET. This is not happening. What is going wrong? I setup RBL lists on multiple mail servers with ESMX 6. None of them show mails filtered by RBL in the log. See attachment for settings. It would be nice if someone from ESET could answer. Multipe topics on the forum about RBL are not answered/solved!!! Link to comment Share on other sites More sharing options...
Administrators Marcos 5,234 Posted May 23, 2016 Administrators Share Posted May 23, 2016 Hello, first of all, make sure that: - you have the very latest version of EMSX 6.3 installed. - don't use Google DNS (some RBL services may block such queries) As for battacudacentral.org and maybe others too, I assume you have registered and specified a list of IP addresses from which your queries are sent, if required by the RBL service. Also use "nslookup bad_IP_address RBL_DNS_server" for the sender's IP address from an email not evaluated by ESET as spam to query the appropriate RBL server and see what response it gives. We'd recommend turning on diagnostic logging in the main EMSX gui -> Setup -> Tools for a period of time necessary to collect info about missed spam. Antispam records created with diagnostic logging should shed more light. As for undetected spam, you can send a couple of such emails in eml or msg format to me so that I could check if they are really unrecognized by ESET's antispam or if there's a different problem. Link to comment Share on other sites More sharing options...
BCS-E 1 Posted May 23, 2016 Author Share Posted May 23, 2016 (edited) Received a spam message 10 minutes ago not filtered by ESMX 6.2. I know it should be 6.3 but several customers are on 6.3 and RBL is also not working. Nslookup replied correctly. So it shouldn't be in my inbox. Edited May 23, 2016 by BCS-E Link to comment Share on other sites More sharing options...
Administrators Marcos 5,234 Posted May 23, 2016 Administrators Share Posted May 23, 2016 I've reported the undetected spam to our antispam department. After enabling diagnostic logging and receiving an undetected spam, please post the appropriate record from the Mail server protection log which should include information about the score the mail received based on RBL and other criteria. Link to comment Share on other sites More sharing options...
BCS-E 1 Posted May 24, 2016 Author Share Posted May 24, 2016 Updated ESMX from 6.3.10005.0 to 6.3.10007.0 (on customer server) just to be sure. Enabled diagnostic logging for 24 hours but i am only seeing filtered messages in the log. Exported the log with Eset log collector to see if it is showing more info but its not. Or do i need to check the log somewhere else? The same message sent from 2 different ip's. Only one of them is filtered by Eset and found in the log. The other one should be filtered by RBL list. Link to comment Share on other sites More sharing options...
BCS-E 1 Posted May 30, 2016 Author Share Posted May 30, 2016 further assistance would be appreciated Link to comment Share on other sites More sharing options...
BCS-E 1 Posted June 24, 2016 Author Share Posted June 24, 2016 Finally RBL is working. I changed the default values in the settings. The manual says that '0' means 'unlimited' or 'no timeout' so in my opinion they shouldn't be changed. But after changing it all worked on all Exchange servers with ESMX. hxxp://help.eset.com/emsx/6/en-US/?idh_antispam_engine.htm Link to comment Share on other sites More sharing options...
Recommended Posts