Open Jamyn opened 11 years ago
I'm thinking of checking for a few things:
- Checks for cPanel included DNS lists: (Spamcop, Zenhaus)
- Checks for SpamAssassin dnslist
- Checks for outgoing SpamAssassin routers in exim.conf
This area could cover a lot of ground. What header information were you suggesting to check?
We could expand this as you mentioned, but "Header additions" in the first comment mainly centered around:
These wouldn't hurt either:
I've gotten a few of these checks knocked out. Created Mail.pm. Any feedback and suggestions are welcome.
75b4dbb12404b6de94361ce180911d068c26e385
I'm not sure this really falls into the area of 'security'

On Sep 24, 2013, at 10:40 AM, Jacob P notifications@github.com wrote:

> I'm thinking of checking for a few things:
>
> - Checks for cPanel included DNS lists: (Spamcop, Zenhaus)
> - Checks for SpamAssassin dnslist
> - Checks for outgoing SpamAssassin routers in exim.conf
>
> This area could cover a lot of ground. What header information were you suggesting to check?
In one sense, it is security related, as there are two major use cases for (most of) these headers:
Point 2 isn't really security related, but the value in raising these issues is that if they do have a problem with either, they can easily track back the account if they follow these recommendations. Without enabling many of these options what happens is:
AddHandler application/x-httpd-php5 spacer.gif
By forcing addition of the mail headers, analysis is greatly improved.
Additionally, by setting a max fail/hour and max mail/hour, they limit the total impact when the account (compromised or intentionally) tries to send millions of mails/hour. Without some sort of ratelimit for failed and overall mail, it's highly likely the entire server will be placed on a blacklist.
Enabling these features after the fact isn't useful, so it's a good idea to make the suggestion beforehand.
Just documenting suggestions submitted by others so we don't lose them.