background

SpamExperts KnowledgebaseOutgoing Filtering

Outgoing Identity Setup

When configuring your servers to use the SpamExperts Outbound filtering, we strongly recommend where possible to add an "Identity" header. This is used from tracking, and closing down spammers more efficiently. 

Identity Setup in the MTA

This first needs to be configured in your sending MTA Our default MTA examples already had these added, however here are some other types:

cPanel/Exim

headers_add = X-AuthUser: $authenticated_id
headers_add = X-AuthUser: ${if match {$authenticated_id}{.*@.*}\
{$authenticated_id} {${if match {$authenticated_id}{.+}\
{$authenticated_id@$primary_hostname}{$authenticated_id}}}}
headers_add = ${if !eq{$original_domain}{$domain}{X-Forwarded-For: $original_domain}}

Qmail Identification headers

To do this in Qmail, this requires a patch. To be able to add a 'X-Auth:' header, you need to do the following:

  1. Apply qmailqueue patch: http://www.qmail.org/qmailqueue-patch.
  2. Recompile qmail.
  3. Install qmail-qfilter: http://www.untroubled.org/qmail-qfilter/.
  4. Edit '/service/qmail-smtpd/run' and add the following line:
    export QMAILQUEUE="/var/qmail/control/filter.sh"
  5. Create the file /var/qmail/control/filter.sh, and make it executable and owned by the user qmail-smtpd
    #!/bin/sh
    exec /usr/local/bin/qmail-qfilter /var/qmail/control/filter.pl
  6. Create the file /var/qmail/control/filter.pl and make it executable and owned by the user qmail-smtpd
    #!/usr/bin/perl
    $usuario = $ENV{TCPREMOTEINFO};
    print "X-Auth: $usuario\n";
    while(<>) {
    print;
    }
  7. Restart qmail-smtpd.

Please note that this is unverified and should be tested before rolling out to a live platform.


Postfix Identification headers

To do this in Postfix, you need to add the following line to your main.cf if not already there:

 smtpd_sasl_authenticated_header = yes

This will add a "Authenticated Sender" part to the received header


Zimbra Identification headers

As Zimbra generally uses Postfix as it's MTA, you can apply the same option as the Postfix header above

 smtpd_sasl_authenticated_header = yes

This will add a "Authenticated Sender" part to the received header


SmarterMail Identification headers

  1. To enable the identification headers in SmarterMail, please do the following:
  2. Navigate to settings
  3. Protocol Setting
  4. SMTP Out
  5. Enable the "X-SmarterMail-Auth header" option

Microsoft Exchange Identification headers

Currently on Microsoft Exchange, to be able to add custom outgoing headers a XHeader transport agent must be built. For more information on how to do this please see their KB here

Sendmail

To add an identity to Sendmail, you need to add the following before the  MAILER DEFINITIONS section in /etc/mail/sendmail.mc.

LOCAL_CONFIG 
HX-AuthUser: ${auth_authen} 

Configuring the Identity method via the Control Panel

Once you have configured your MTA to set an "Identification header", you need to configure the SpamExperts systems to be able to log and monitor these. The easiest way to do this is directly from the control panel.

To do this please follow the steps below:

  • Login to your SpamExperts interface
  • Navigate to the outgoing authenticating domain, (or for Local Cloud clients, you can also use the "default domain settings" in the outgoing section at Super Admin level - this sets it for all outgoing users that have default values)
  • Click Manage users in the Outgoing section
  • Use the drop down menu at the Identification Method line, and choose "Header"
  • Click Add New Header
  • In the header name section add the header name that you are configuring, (for example X-AuthUser for Exim/cPanel)
  • Uncheck the "remove after processing", assuming you do not want to remove this header. If you do, then you can keep this option enabled.
  • Click Save

If you have configured  more that one identity, then they will be processed in order. If both headers are in the same outgoing email, the top one will be the one that is processed. 

Once this has been set for your outgoing users, it's advised to verify some outgoing message in your outgoing Log Search page. 

Look for new messages that have the "User Identification" column. If you see data in here it is working correctly. It's important to find a good identifier for your different mailstreams to be able to make effective use of this feature, there are other options on the Identification Method part, which are "Envelope-Sender" and "Authenticating User"

If you are not able to add an specific outgoing header, we would recommend to set this to the "Envelope-Sender". As this means you will be able to continue to use the locking option (either via API or the Log Search) , and lock senders based on this identity instead.

Example Identities

There are many different headers and identities that can be set here. Below are some examples that can be used

cPanel:
Header name: X-AuthUser
Header value: Simple

cPanel:
Header name: X-PHP-Originating-Script
Header value: ^(.*?)\(.*$

Postfix:
Header name: Received
Header value: .*\(Authenticated sender: (.*?)\).*




Was this article helpful?

Related articles

Search result for :