| |
| |
| |
|
Comments:
<0> Is there anything wrong with this as an entry in the access.db file?
<0> virtua.com.br 550 Spam rejected.
<0> I have a ton of domains defined in the access file like that... 95% of them work, but some do not for some reason
<0> thats one that doesnt work
<0> sorry if somebody answered earlier, I had to leave for a bit
<0> Is there anything wrong with this as an entry in the access.db file?
<0> pool8174.interbusiness.it ERROR:"550 Spam rejected.
<0> I have a ton of domains defined in the access file like that... 95% of them work, but some do not for some reason thats one that doesnt work, its allowing host121-69.pool8174.interbusiness.it
<1> do you have a tab in there?
<2> drop the quotes
<1> good catch
<2> tab's a good guess too
<0> oops, I truncated that... its quoted properly
<2> don't use quotes
<0> ok, actually I didnt have quotes originally, but saw something that said you should have quotes
<0> all of my entries have spaces, no tabs
<0> supposed to be tabs?
<1> Yes
<2> any whitespace is fine
<2> tabs are used in the .cf
<1> Oh
<1> I need to read the docs again
<2> an example from mine:
<2> Connect:012.net.il ERROR:5.7.1:554 We don't accept mail from you
<2> no quotes
<0> the quotes didnt seem to matter... but I did have a double space in my error message that is now preserved with quotes... got truncated to single quote without
<2> you need a double space? what for?
<0> not really.. just a habbit of putting two spaces after a period :)
<1> :)
<2> ah, ok
<2> that makes sense
<0> i have tons of other pool####.interbusiness.its and they all catch, but this one went thru for some reason
<1> my access is seven lines
<2> do you still have the message that went through?
<0> until last week, I had a 5 year old sendmail which only allowed one dnsbl but had a "deny" file so I had a large list of hosts... even with multiple dnsbls now, my list catches the majority of my blocks
<1> You could install an antispam system
<0> only have the log, not the message... I'll tail it for a while and see if I cant find one that should be caught
<0> now have spam******in going
<1> How much spam do you get?
<2> do you still have the message that went through?
<0> I block an average of 3000-4000 per day
<0> msk, deleted a while ago.. but will hang and see if I can catch one
<0> moved mail server to a new IP a month ago which also dropped the number quite a bit
<2> the domain names aren't checked if the forward and reverse DNS don't match; only the IP address is checked in those cases
<2> "may be forged" will appear in the Received: header in that case
<2> so that may be why it got through
<0> I checked and the forward & reverse matched
<1> fo you have feature(`access_db')?
<0> FEATURE(`access_db',`hash -T<TMPF> -o /etc/mail/access.db')dnl
<1> remove the -o
<0> will do
<0> (thats how it was "out of the box")
<0> I was going to add that SStart rule for debugging and test some addresses that it didnt catch and see the flow
<0> will try to catch some tomorrow, slow night for spam (yay)... good night & thanks for the help as always
<3> later
<0> msk/sub if you guys are here... continuing from last night...
<0> in my access_db, I have a block on user.veloxzone.com.br
<0> this is the first skip on message that got thru:
<0> Received: from 18913001197.user.veloxzone.com.br (18913030008.user.veloxzone.co
<0> m.br [189.13.30.8] (may be forged))
<1> paste your maillog and not headers
<0> Jan 19 13:33:58 mail sendmail[12660]: ruleset=check_relay, arg1=20151040216.user.veloxzone.com.br, arg2=201.51.40.216, relay=20151040216.user.veloxzone.com.br [201.51.40.216], reject=550 5.0.0 Spam rejected.
<1> What's the problem then?
<0> oops, wrong one
<0> Jan 19 13:30:51 mail sendmail[12401]: l0JLUnPG012401: from=<gaolstension's@abelia.no>, size=1891, cl***=0, nrcpts=1, msgid=<01c73c10$ca267610$6c822ecf@gaolstension's>, proto=ESMTP, daemon=MTA, relay=18913030008.user.veloxzone.com.br [189.13.30.8] (may be forged)
<0> the 189 resolves, but the long name doesnt resolve... maybe thats why it gets thru, defaults to the IP?
<1> [189.13.30.8] (may be forged) <- definitely forged which is why it is not from 8913030008.user.veloxzone.com.br
<0> ok, that explains it then... thanks for the clarification
<0> one more if you have a sec... i do NOT have accept_unresolvable_domains on, yet this one got thru:
<0> Jan 19 13:48:34 mail sendmail[14246]: l0JLmX3d014246: from=<ret@www12.value-hunter.com>, size=2627, cl***=0, nrcpts=1, msgid=<2116740913.8059@www12.value-hunter.com>, proto=SMTP, daemon=MTA, relay=[216.10.65.142]
<1> accept_unresolvable_domains applies to the email addresses
<0> ah ok
Return to
#sendmail
or
Go to some related
logs:
#politics
#freebsd
#worldcup
NHL HOCKAY
#ubuntu
#computers
thanksgiving thuoght
sdfghjklşi,
Barbara Burmudo
#beginner
|
|