Changes between Version 21 and Version 22 of email-deliverability

Sep 19, 2017, 12:17:38 PM (3 years ago)
Jamie McClelland



  • email-deliverability

    v21 v22  
    11= Email Deliverability Strategies =
    3 The goals of these changes are:
     3Our goals are:
    55 * Prioritize sending of individual email over sending of bulk email
    99== Using ==
    11 Currently we allow people to relay mail via either their primary server or We should alert people of a cut-over time and then dis-allow mail relaying via the primary server.
     11All users should set their email clients (phone and desktop) to use `` as the outgoing/smtp server. By focusing on one domain we can better ensure deliverability.
    13 We should also permanently assign at least three IP addresses to our two servers and all bulk mail servers and provide a simple script for swapping the smtp bind IP address.  See also #3237
     13When an IP address gets blocked, see [wiki:individual-mail-relay our individual-mail-relay page] for instructions on how to change the sending IP.
     15== Use ==
     17All web sites that send bulk email (e.g. CiviCRM) should be configured to relay through (assata) which will relay via our [wiki:bulk-email-relay bulk email relay servers].
     19By using our bulk mail relay servers, we ensure a high volume of legitimate email which offsets bad email.
    1521== Reduce impact of forwarded spam ==
    1723Like most providers, we allow people to forward mail sent to their MF/PL email address to another email account. As a result, spam sent to a user's MF/PL account is also forwarded, which gives the impression that we are spammers.
    19 Although I've been opposed to any form of email censorship, I think we should make an exception in this case and filter out messages that are tagged by Spamassassin as spam and send these messages to /dev/null. We can make this policy clear in the members control panel whenever someone chooses to forward email sent to them. And we should be clear that if they want to be sure to receive all mail sent to them, they must deliver it to an MF/PL user account. See #7556.
     25See #7556 for work on a solution to this problem.
    21 == Discourage web site mail relaying via primary host ==
     27== Monitoring ==
    23 Any server in our network can relay mail via, however, many web sites still send email via localhost. We should implement a policy on primary hosts that limit the number of messages our primary hosts will send to 50 per user per hour.
     29Via Nagios, we currently monitor the following:
    25 == Improved monitoring ==
     31=== mailq ===
    27 Ross' has recently completed a nagios alert to warn us when the mailq for any server goes over 100.
     33If the mailq goes over 200 messages on any server we get a warning and if it goes over 500 we get an alert.
    29 We should add:
    30  * Monitor for known mail.log strings that indicate blocking (I have a list already): #831
    31  * Checking for signs that a web site is compromised (not sure how to do this): not assigned a ticket
    32  * Check for signs on that a relay mail account has been compromised (e.g. certain number of messages sent per hour): not assigned a ticket
     35**What to do**
     37Run `mailq` to review the messages in the queue.
     38Run `postcat -q <id>` to view the messages in the queue that look suspicious
     39Run `mf-mailq-delete <email>` to mass delete messages in the mailq that are spam
     41=== blocked messages ===
     43If we have more than 20 blocked messages that fit a possible pattern of spam we get a critical alert.
     45**What do to**
     47Run `mf-check-blocklist -b` to get a human readable report of the blocked messages.
     49Scan the mail.log to determine who and why we have the problem.
     51=== Email relayers ===
     53If a single sasl username relays more than 100 messages in a 24 hour period we get an alert.
     55**What do to**
     57Run `mf-check-relayers` to see who is being reported. Try to determine if they are sending illegimate email.
    3359 * Use [ the check_dnsbl Nagios plugin]: #5736
    3561== Pursue bulk mailer status and apply for feedback loops for our email list servers with major mail providers ==
    37 Many providers allow us to apply for bulk mailer status. We should pursue this for and, our two mailing list servers.
    3963See [wiki:email-deliverability-status] for current status of our bulk mail and feedback loop applications.