Msen Home page  
     
This is the short description of Msen's mail policies with links on how to configure your machine. The process is listed in order of action so you can see which parts take precedence.

Inbound

- Greylisting has become our first line of defense for spam. Greylisting is a process that delays email for 10 minutes before accepting it unless the address is listed in the override file. It is an attempt to block spammers who will only make one attempt at sending email before they go on to another victim. Any legitimate email server will retry any delayed mail, and so legitimate email gets through, while most spam is denied. Once a particular address has sent you a piece of email, it is white listed for a week. Measurements show that 93% of spam is being blocked using this method alone.
Overrides:

  • the source IP address is an Msen IP address.
  • the sender has used POP before SMTP to authenticate herself
  • the sender has used SMTP-AUTH to authenticate himself
  • hand built override tables for known good addresses, Ie. eBay

  • - Spamilter runs several checks on a mail message during the receive process looking for indications of spam. Here are the list of reasons a message may be rejected:

  • 550 5.7.1 Rejecting due to security policy - Helo or Ehlo MTA greeting expected, Please see: ...
    Missing HELO/EHLO: Your email server did not properly identify it's self, as such, your email will not be allowed to enter this network.

  • 550 5.7.1 Rejecting due to security policy - DNSBL, Please see: ... and ...
    DNS Blacklists Your email server has been put on a list of servers that spam by one or more of the following entities;
    spamcop.net
    spamhaus.org
    Please reference these sites to determine how to remove your email server from the list(s).

  • 550 5.7.1 Rejecting due to security policy - Recipient has been blacklisted, Please see: ...
    Black listed Recipient: The recipient to whom your email was addressed is not allowed to receive email. This choice was made by the Msen mail administrator.

  • 550 5.7.1 Rejecting due to security policy - Sender '...' has been blacklisted, Please see: ...
    Black listed Sender: Your email address is not allowed to send email to recipients of this network. This choice was made by the Msen mail administrator.

  • 550 5.7.1 Rejecting due to security policy - SPF fail ...
    SPF: The sender's domain has specified which IP addresses are valid via SPF, and the IP address of the machine sending the email is not listed among them. SPF is used to prevent mail forgeries and phishing scams.

  • 451 4.7.1 Temporary failure - Unable to validate Sender address ..., Please see: ...
    Temp Fail Invalid Sender: Our mail server was temporarily unable to validate your email address, as such, your email will not be allowed in currently to enter this network.
    If the problem is temporary on your mail server's end, your system will automatically retry the email later. If your mail server is not accepting email sent to you, we will not accept email from you.

  • 550 5.7.1 Rejecting due to security policy - Unable to validate Sender address ..., Please see: ...
    Invalid Sender Our mail server contacted your mail server to see if your email address truly exists. Your mail server responded that it does not accept email for you, so we will not accept email from you.

  • 550 5.7.1 Rejecting due to security policy - Inline executable attachment, Please see: ...
  • and
  • 550 5.7.1 Rejecting due to security policy - Executable attachment, Please see: ...
    attachment inline or in body: You sent an email with an attachment with one or more of the following extensions;
      .ade .adp .bas .bat .chm .cmd .com .cpl .crt .exe
      .hlp .hta .inf .ins .isp .js .jse .lnk .mdb .mde
      .msc .msi .msp .mst .pcd .pif .reg .scr .sct .shs
      .shb .vb .vbe .vbs .wsc .wsf .wsh
    These are the some of the most commonly suspect file types by which viruses are propagated, and are therefore denied entry into this network. If you need to send a file or files with one or more of the extensions listed here, please ZIP the file and resend it.

  • 550 5.7.1 Rejecting due to security policy, Please see: ...
    general: Your email has been rejected due to an unspecified reason.

  • 550 5.7.1 Image from stranger rejected, see: ...
    image: Your email has been rejected because of two conditions: First, it contains an image, and second, our recipient has not sent mail to you recently. This filter is designed to combat stock scams that are delivered by image file attachments.

    Solution: Send a text message to our user. If they reply, you will then be allowed to send your images.

  • - Access file controls do block a few blocks of IP addresses known to be owned by hardcore spammers. Addresses listed here are blocked with no chance of getting through. Reserved for only the most hardcore spammers. Since these people tend to move constantly, the list and effectiveness is small.

    - Virus removal is done for known viruses that have an easily identifiable signature. These are removed from all inbound email and there are no override possibilities. The current list is: Bagle, Bugbear, Dumaru, Hybris, Klez, Mimail, Moodown, Novarg, Sobig, Swen, and Yaha. Two general virus techniques are also killed. Exploit-IFrame and zip files containing more than 10 spaces in the filename inside the archive.

    Msen highly recommends that all PCs have up to date virus filtering software installed on them. Our virus filtering only catches the noisiest problem viruses.

    - Executable attachments are blocked and deleted. Any email with an file attachment that has an extension of: bat pif cmd vba vbs scr lnk com exe chm will automatically be deleted. If you need to send/receive one of these file types, use Zip to archive the file first.

    - Tagged email:  All further email is received and tagged as possible spam according to:

  • Listed in Spamcop.net's database
  • Listed in the Spamhaus.org's database as either an known spammer or a virus/worm/proxy compromised machine.
  • Listed in the Open Relay Database.
  • Contains offensive phrases in the subject or body that procmail can find.

  • A longer description of tagging can be found on its own page.

    Msen user's choose with the following control panel what tagged spam is saved to their mailbox, and what is deleted automatically.

    - Personal Filtering: If too much spam still gets through all that, the user should install a personal spam filter on their computer that can be tailored to their needs. A recommendation of a few are on the spam control panel page.

    Outbound

    To use Msen's servers for outgoing email, you must be one of the following:
  • using an IP address that is an Msen IP address. Ie. dialup to our modems
  • have used POP3 before SMTP to authenticate yourself to the server for 30 minutes. Ie. read your mail before sending mail out.
  • using SMTP-AUTH to authenticate yourself to the server. This sends your POP3 userid/password as part of the outgoing mail process.

  • - All email domains processed by Msen have SPF (Sender Policy Framework) records set for them to prevent forgery by spammers and viruses.

    - We have a severe policy for when we catch a customer spamming. Msen charges offenders $100.00 plus $150.00 per hour cleanup costs per occurrence. These charges apply, even if we choose to terminate the account. See our spam policy for details.

    - No outbound virus checking is done on Msen's mail servers. Anti-virus checking is the responsibility of the user. If a user's machine is found to be infected with a virus, that customer falls under the network abuse part of our spam policy. The customer may be fined for the network abuse their machine is causing with the virus.

    Mail Encryption

    See our page on TLS/SSL mail transport encryption.
    Webmaster
    Service
    Sales
    Voice: (248) 740-3400
    Copyright © 2001-2023 Msen, Inc.
    Last updated: February 21, 2023