help centre
For more info visit status.atmail.com

How can we help?

Search our knowledge base for answers to
common questions and latest updates.



My activities New request
  1. atmail help centre
  2. atmail 7 on-premises
  3. Anti-Spam/Anti-Virus

Follow

Whitelisting/Blacklisting BATV and VERP addresses

Dominic -

PROBLEM
How can I Whitelist or Blacklist BATV and/or VERP addresses?

ENVIRONMENT

  • on-premises mail server Installations: Version 7.7.1+

CAUSE
In an attempt to mitigate backscatter, mass-mailing applications like MailChimp, SendGrid and Mailgun may use Bounce Address Tag Validation (BATV) to determine the validity of a specified bounce address within an email. Within the <local-part> of the Mail From: field, BATV denotes the use of a tagging scheme that allows bounced mail to be assessed for validity and dropped accordingly. An example of an address using BATV may appear as follows:

  • Mail From: <bounces+22456-c23af-user=domain.com@domain.com>

While BATV validates bounces, Variable Envelope Return Path (VERP) is implemented by mailing lists to automate recognition and removal of in-valid recipients.

The combination of these mass-mailing techniques can ultimately effect the approach towards implementing Whitelists and Blacklists to govern what mail reaches your INBOX.

 

RESOLUTION

User Level Management

Target the <domain-part> of the email address by adding it to either your Whitelist senders or Blacklist senders, available from: Settings -> Anti-Spam Settings.

For example, to Whitelist:

  • <bounces+22456-c23af-user=gooddomain.com@gooddomain.com>
  • <bounces+27776-h2345a-user=greatdomain.com@greatdomain.com>
  • <bounces+49733-m345s-user=best.domain.com@best.domain.com>

    while Blacklisting:

  • <bounces+92686-l266b-user=baddomain.com@baddomain.com>
  • <bounces+10636-k4473-user=evildomain.com@evildomain.com>

    Please find the following example:

 

Screenshot_from_2017-03-01_16-14-38.png

Remember to click Save Settings to push your new changes to your profile on our cloud.

 

Administrative Network Management

Mass-Mailing services may also send from a specific subnet. These networks can be conveniently trusted to bypass SpamAssassin by adding them to trusted_networks in /usr/local/atmail/spamassassin/etc/mail/spamassassin/local.cf

Multiple networks can be added and should be separated by white space in the configuration. In the following example, we have added 205.201.128.0/20 to our list of trusted_networks.

#<SA_TRUSTED>
# The IP's which are trusted
trusted_networks 192.168/16 205.201.128.0/20
#</SA_TRUSTED>

Restart atmailserver allowing SpamAssassin to re-read its configuration.

# /etc/init.d/atmailserver restart

Our SpamAssassin will now automatically trust all mail deriving from the 205.201.128.0/20 subnet.

Have more questions? Submit a request

Comments

Contact our support team

+61 (7) 5357 6605       support@atmail.com


atmail

© Copyright 2017 atmail pty ltd | All Rights Reserved