Category: Email • Tutorial Type: text • Added: June 03, 2010, 06:18 AM •
The end user can send to a maximum of 100 recipients per mail message; this includes To:, Cc: and Bcc:.
The size limitation is 102.4 megabytes per message.
Relaying is only allowed from IS DSL IP ranges.
The sender and recipient domains must be Fully Qualified Domain Names and must be valid, resolvable DNS domains.
No sender From: addresses from free mail services, e.g. Yahoo, Hotmail, GMail, etc., are accepted.
Testing for open relays on the IS DSL user IP space and blocking access to these abusers.
Blacklisting and blocking IPs that identify themselves as one of the SMTP servers.
Blacklisting IPs that send mail to known spam traps for a minimum of 1 hour.
Manual blacklisting of domains and/or sender addresses due to abuse complaints being logged.
Rate limiting incoming mail from client connections to 50 recipients max per minute.
Rate limiting incoming connections from client connections to 7 per unique IP on each server.
Reject any mail that has more than 50 MIME parts.
Reject any mail considered to be malware infected.
Reject any mail looking like spam.
Max recipients in a single connection - 100
Max mail size including the encoding of the mail - 100MB
7 concurrent connections per server. Total concurrent connections: 28
1. You have to greet the server using HELO/EHLO; if not, commands at "RCPT TO" will be rejected.
2. The part of a recipient's address before the @ sign may not begin with a dot or contain @ % ! / or |
3. If the greeting has a dot in it and the sender is <>, a rate limit of 2 mails per 5 minute period is imposed. If the sender goes over this rate, the command is deferred.
4. If greeted with our hostname or a banned one, the connection will be closed.
5. If greeted with the server's IP, the connection will be closed.
6. If greeted with a bare IP, the connection will be closed, as this is an RFC2821 breach.
7. Verify the recipient address by connecting to the MX server for the recipient if it is a bounce mail or the sender address is MAILER-DAEMON@*
8. If sending a bounce mail and trying to give more than 2 recipients, the connection will be closed down.
9. Check if the sender's address is in sdom.bl.isdsl.net; if found, it will be rejected.
10. Check if the sender's/recipient's address is in dom.bl.isdsl.net; if found, it will be rejected.
11. Check if the connecting IP is in open.bl.isdsl.net; if found, it will be rejected.
12. Apply a delay so that any connecting IP can only send 50 commands every 1 minute, no matter how many connections it has open.
13. Verify that the sender's domain is valid; if not, reject.
14. Verify the sender's address if mail got double bounced on the server before; if that address is found to be invalid, reject.
You can look up whether a sender domain is in the list by going to http://smtp01.isdsl.net/viewlogs and selecting "senddomcallout"
(Replace smtp01 with smtp02, smtp03, smtp04 to check the other servers)
15. Verify that the recipient's domain is valid; if not, reject.
16. Accept any recipient address if in the relay list. If not, give the following error:
Sorry, relay not permitted from [connecting ip] for <[senders_address]> to <[recipient_address]>
17. Check if the mail body has any of the below mistakes and, if so, reject the mail:
- CLSID hidden extension
- Filename length too long (> 512 characters)
- MIME Boundary Space Gap
- Empty MIME Boundary Vulnerability
- Long MIME Boundary Vulnerability
- Message/Partial MIME
- MIME Nesting (max 50)
- MIME Excessive line length
18. Reject mail if we find any spam URLs using www.surbl.org and lookup.uribl.com
19. Compare bounce mail attachments to an md5sum and, if they match, reject the mail.
20. Check if the message conforms to the RFC2822 standard for mail headers and, if not, reject the mail.
21. Check for a valid sender header; if not found, reject the mail.
22. Check for any other MIME errors and, if found, reject the mail.
23. Scan the mail for any viruses and, if found, reject the mail.
24. Scan the mail for image spam and, if found, reject the mail.
25. Add a tracking header to the mail so it can be traced when somebody reports abuse that came from any of the servers.
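
As an added illustration (not the provider's own configuration), the greeting and recipient checks in rules 1, 2, 4, 5 and 6 can be expressed as below. The server hostname, server IP and banned-name list are assumed placeholder values, and treating the bracketed form of the server's own IP like the bare form is also an assumption.

```python
import ipaddress

# Assumed placeholder values; the page does not list the real ones.
SERVER_HOSTNAME = "smtp.example.net"
SERVER_IP = "192.0.2.25"
BANNED_HELO = {"localhost"}
# Rule 2: characters refused before the @ (used in source-routed,
# percent-hack and bang-path addresses, or in file/pipe targets).
FORBIDDEN_LOCAL_CHARS = set("@%!/|")


def is_bare_ip(helo):
    """True for an IP given without the [ ] address-literal form."""
    try:
        ipaddress.ip_address(helo)
        return True
    except ValueError:
        return False


def check_helo(helo):
    """Return (action, reason) for rules 1, 4, 5 and 6."""
    name = (helo or "").strip().lower()
    if not name:
        return ("reject_rcpt", "no HELO/EHLO given")  # rule 1
    if name.strip("[]") == SERVER_IP:
        return ("close", "greeted with the server's IP")  # rule 5
    if name == SERVER_HOSTNAME or name in BANNED_HELO:
        return ("close", "greeted with our hostname or a banned one")  # rule 4
    if is_bare_ip(name):
        return ("close", "bare IP in HELO")  # rule 6
    return ("ok", "")


def check_recipient(address):
    """Rule 2: inspect everything before the final @ of the recipient."""
    local, sep, domain = address.strip().strip("<>").rpartition("@")
    if not sep or not local or not domain:
        return ("reject", "not a local@domain address")
    if local.startswith("."):
        return ("reject", "local part begins with a dot")
    bad = FORBIDDEN_LOCAL_CHARS.intersection(local)
    if bad:
        return ("reject", "forbidden character: " + "".join(sorted(bad)))
    return ("ok", "")


if __name__ == "__main__":
    # Constructed sample inputs.
    for helo in ["", "198.51.100.7", "[198.51.100.7]", "client.example.org"]:
        print(repr(helo), check_helo(helo))
    for rcpt in ["user@example.org", "user%relay.example@example.org"]:
        print(rcpt, check_recipient(rcpt))
```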