Spamfilter effectiveness in all mailboxes doubled

As of summer 2019 the email-server upgrade is going to be final. During a few weeks the support for virtual domains is in place, DKIM and DMARC is new features and together with SpamAssassin upgrades and the restoring of DNSBL with FraudBL spam filtering should now hopefully be quite effective. Besides of this, there’s a global whitelist installed, which means that some domains that are considered important will be able to duck spam triggering. Users has also, via TorneAUTH the ability to whitelist senders themselves.

The last big change being done this far is the trigger on the spam itself. Historically, spam has been kept intact with a tagged Subject straight into the inbox of the mail account. By means, for each new spammail the messages has been staying put and disturbed the normal mailflow. The last change done, moves all mail flagged with spam to a new Spam-folder, which is automatically created if it does not exist. If you miss any mail – check there.

The final step now is to make all this configurable too. I’m aware that the Spambox may get filled if noone ever checks that mailbox out. What’s up next, is something that cleans up that folder periodically if noone else does it, so we can keep down the mailbox size more effective.

DNSBL for WordPress 2.0.8 changelog

This release of the DNSBL for WordPress is a half-minor update. In a few days back in time a raised act against our contact forms has been observed. ContactForm7 is used on most of the tornevall.net-sites, so it has become frustrating when spam passes through the forms without the ability to instantly blacklist the posts (except for moments when akismet for example helps with the job). So I’ve just added support for WPCF7 into the plugin.

By means, if anything bad arrives via the mail, that has been posted via the contact form there’s just a few seconds between me and a complete blacklist of the sender. In this particular case I’m activating flag 16 (IP_MAILSERVER_SPAM) in the detection configuration and for v2.0.8 a new setting under “Protective options”, called “Turn on support for WPCF7”.

The issue tracker has this case added at https://tracker.tornevall.net/browse/DNSBLWP-63 and has been tested with WPCF7 5.1.4 this far.

opm.tornevall.org is still going strong

dnsbl.tornevall.org has been the primary subname for blacklists several years now. However, it still seems that our 13 year old subname opm.tornevall.org is still going strong. The new DNSBL wasn’t supposed to support that part, however since there’s still quite a lot of resolvers running this check it has been reinstated in the API. The DNSBL has only been running a few days so the loss is probably not even notable, but if there’s time for it there might be built a blacklist validator, to see how many hosts missing this opm-part.

DNSBL 5.0.5 – Introducing advanced whitelisting

In DNBL v5.0.5 (API release) an advanced whitelisting system is introduced. At first, this whitelist system was implemented in a leaf-application (the honeypot system) but since it’s better to implement it directly at the blacklist entry, this has been done instead.

For example, if we’d like to whitelist Telia mailservers in the DNSBL, we could simply add their SPF inclusions in the system. By adding _spf-a.telia.net, _spf-b.telia.net, etc the DNSBL will check each added ip address if it matches against either a IPv4/IPv6 address that belongs to the SPF pointer or if it is located within a CIDR-based range in the pointers. So if we whitelist _spf-a.telia.net and a blacklist request contains an address in the range of 81.236.57.10/32, that address will be considered whitelisted and throw an exception.

In the primary whitelist the only SPF-exceptions is _spf.tornevall.net and _spf.tornevall.se. Other addresses that also will be whitelisted is the following (that will prevent internal server blacklistings):

127.0.0.0/8
172.16.0.0/12
10.0.0.0/8
192.168.0.0/16

Establishing WordPress Portal

To make life a bit easier in the Tornevallverse, a new portal for creating WordPress sites is currently taking form.

You can find out more, what you can do with it at https://wordpress.tornevall.net/. Currently user registration are available, but not the site itself (since it requires an automation of building and linking domain names properly). The two primary portals (this site and TorneAUTH) is not going to be migrated into that service yet.

DNSBL Slave DNS offering

Do you feel that the DNSBL resolvers are too slow for your requests? In cases where this happens, you might want to apply for an own DNS slave server. You can do this by sending a mail to support@tornevall.net – you can also send a mail if you would like to contribute with more slave servers to extend the reachability of the services. If you think the service is worth donating to, so that it can be extended furthermore, take a look here.

The current DNS servers are located in following countries:

  • Stockholm/Sweden
  • Scania/Sweden
  • Tokyo/Japan

Reaching milestones for SpamAssassin and DNS editor

There are several side projects going on right now. One of the completed “milestones” is the SpamAssassin configurator that was finalized today. For a few hours ago, we’ve started to work on a DNS editor, that makes it possible to update entries into two of our master DNS-servers. This is another milestone as much of the changes today are being made manually with regular zone files. We’ll still go that way, but in a near future, it will be possible to update records live. This work might speed up our DNS Blacklist a bit, which might give us a chance to live update both the primary master server and the second backup without hourly reloading. The DNS API was besides of this not even planned – it was “just a test” to see if it was possible and suddenly, there was an almost complete interface for it in the API.

Any plugins?

Yes, there was recently a minor release of the DNSBL WordPress-plugin also (not a milestone), but the release was too small to set up a whole post for it. But here goes, 2.0.6 gave us one minor update, as we had problems with blacklisted users requesting for delisting in the delisting-page comment fields. Those fields are less checked than the support mailbox, so the patch was based on removing comment abilities in the removal page as an option in the admin configuration.

  • [DNSBLWP-49] – comments_open has a problem that might open for comments again, if other plugins has it disabled

“Help us survive”-page is back

Our donation-page “help us survive” is back on track again.

As this site is not owned by any company or organization, our finances for it is also zero and┬áhandled completely privately on spare time – and time is something that we do not have much of.

Would you like to give us financial support, by donations? Check out the alternatives here!

Portals Update

Tornevall Networks are now live with following upgraded platforms:

  • Primary Portal and components
  • AUTHv4
  • DNSBL

Primary portal and components

Site changed to what was supposed to be TornevallWEB v6. As many visitors already seen, we’ve left the API-WEB creation to speed up projects that is more important to fix, than sites that requires too much time and work too finish. Therefore, most of the site is now in the root based on WordPress and all API integrations are being primarily made with this platform. In the same time, we win a community compatible platform. However, WordPress is not the only part built here.

First of all https://tornevall.net has now become https://www.tornevall.net to somehow support a standard webaddress naming. It is used to comunicate news and happenings, whatever that might be. Besides of this, there is a community forum located under https://www.tornevall.net/portal. The purpose with this forum is supposed to be supportive when there are bigger needs of communication. This is still a work that has to be processed a bit more.

The DNSBL removal tool used on this site is currently completely based on WordPress and available for download here. Just remember, to get everything like delisting etc to work, it is important to have an API key (read below).

Things that is built around the portals has a base tracker here.
The WordPress plugin has its own tracker here with the development source code here.

AUTHv4.0

This is a replacement of the less known site AUTHv3, which was supposed to host API based configuration. That project, aswell as the main portal, became too big. So in the same way, this site is built around WordPress. However, the big difference here – compared to the primary above – is that this authentication service also serve other users (meaning, it is possible to register an account there, to get API keys etc). So, to get API keys that handles DNSBL requests, this is the place to be. This service is a frontend gui to APIv3.