Jump to content

RBL lists not working on ESMX


Recommended Posts

RBL lists are very efficient in filtering. Almost every SPAM sender is listed on an RBL list.

 

All SPAM mails not recognized as SPAM by ESET should be filtered by the RBL lists set in ESET. This is not happening.

 

What is going wrong? I setup RBL lists on multiple mail servers with ESMX 6. None of them show mails filtered by RBL in the log.

 

See attachment for settings. It would be nice if someone from ESET could answer. Multipe topics on the forum about RBL are not answered/solved!!!

post-2710-0-26647900-1463998883_thumb.jpg

Link to post
Share on other sites
  • Administrators

Hello,

first of all, make sure that:

- you have the very latest version of EMSX 6.3 installed.

- don't use Google DNS (some RBL services may block such queries)

 

As for battacudacentral.org and maybe others too, I assume you have registered and specified a list of IP addresses from which your queries are sent, if required by the RBL service. 

Also use "nslookup bad_IP_address RBL_DNS_server" for the sender's IP address from an email not evaluated by ESET as spam to query the appropriate RBL server and see what response it gives.

 

We'd recommend turning on diagnostic logging in the main EMSX gui -> Setup -> Tools for a period of time necessary to collect info about missed spam. Antispam records created with diagnostic logging should shed more light.

 

As for undetected spam, you can send a couple of such emails in eml or msg format to me so that I could check if they are really unrecognized by ESET's antispam or if there's a different problem.

Link to post
Share on other sites

Received a spam message 10 minutes ago not filtered by ESMX 6.2. I know it should be 6.3 but several customers are on 6.3 and RBL is also not working.

 

Nslookup replied correctly. So it shouldn't be in my inbox.

 

 

post-2710-0-06984400-1464002158_thumb.jpg

post-2710-0-91741800-1464002301_thumb.jpg

Edited by BCS-E
Link to post
Share on other sites
  • Administrators

I've reported the undetected spam to our antispam department.

 

After enabling diagnostic logging and receiving an undetected spam, please post the appropriate record from the Mail server protection log which should include information about the score the mail received based on RBL and other criteria.

Link to post
Share on other sites

Updated ESMX from 6.3.10005.0 to 6.3.10007.0 (on customer server) just to be sure. Enabled diagnostic logging for 24 hours but i am only seeing filtered messages in the log. Exported the log with Eset log collector to see if it is showing more info but its not. Or do i need to check the log somewhere else?

 

The same message sent from 2 different ip's. Only one of them is filtered by Eset and found in the log.

 

The other one should be filtered by RBL list.

 

post-2710-0-00700900-1464076536_thumb.jpg

post-2710-0-55436500-1464076536_thumb.jpg

post-2710-0-25866000-1464076610_thumb.jpg

Link to post
Share on other sites
  • 4 weeks later...

Finally RBL is working. I changed the default values in the settings. The manual says that '0' means 'unlimited' or 'no timeout' so in my opinion they shouldn't be changed. But after changing it all worked on all Exchange servers with ESMX.

 

hxxp://help.eset.com/emsx/6/en-US/?idh_antispam_engine.htm

 

 

post-2710-0-18568300-1466751613_thumb.jpg

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...