Java linux HTML qmail C++ PHP Debian MySQL ASP JavaScript perl Delphi NetBSD Solaris etc etc etc [...]







Comments:
<dabb> Is there anything wrong with this as an entry in the access.db file?
<dabb> virtua.com.br 550 Spam rejected.
<dabb> I have a ton of domains defined in the access file like that... 95% of them work, but some do not for some reason
<dabb> thats one that doesnt work
<dabb> sorry if somebody answered earlier, I had to leave for a bit
<dabb> Is there anything wrong with this as an entry in the access.db file?
<dabb> pool8174.interbusiness.it ERROR:"550 Spam rejected.
<dabb> I have a ton of domains defined in the access file like that... 95% of them work, but some do not for some reason thats one that doesnt work, its allowing host121-69.pool8174.interbusiness.it



<sub> do you have a tab in there?
<msk> drop the quotes
<sub> good catch
<msk> tab's a good guess too
<dabb> oops, I truncated that... its quoted properly
<msk> don't use quotes
<dabb> ok, actually I didnt have quotes originally, but saw something that said you should have quotes
<dabb> all of my entries have spaces, no tabs
<dabb> supposed to be tabs?
<sub> Yes
<msk> any whitespace is fine
<msk> tabs are used in the .cf
<sub> Oh
<sub> I need to read the docs again
<msk> an example from mine:
<msk> Connect:012.net.il ERROR:5.7.1:554 We don't accept mail from you
<msk> no quotes
<dabb> the quotes didnt seem to matter... but I did have a double space in my error message that is now preserved with quotes... got truncated to single quote without
<msk> you need a double space? what for?
<dabb> not really.. just a habbit of putting two spaces after a period :)
<sub> :)
<msk> ah, ok
<msk> that makes sense
<dabb> i have tons of other pool####.interbusiness.its and they all catch, but this one went thru for some reason
<sub> my access is seven lines
<msk> do you still have the message that went through?
<dabb> until last week, I had a 5 year old sendmail which only allowed one dnsbl but had a "deny" file so I had a large list of hosts... even with multiple dnsbls now, my list catches the majority of my blocks
<sub> You could install an antispam system
<dabb> only have the log, not the message... I'll tail it for a while and see if I cant find one that should be caught
<dabb> now have spamassassin going



<sub> How much spam do you get?
<msk> do you still have the message that went through?
<dabb> I block an average of 3000-4000 per day
<dabb> msk, deleted a while ago.. but will hang and see if I can catch one
<dabb> moved mail server to a new IP a month ago which also dropped the number quite a bit
<msk> the domain names aren't checked if the forward and reverse DNS don't match; only the IP address is checked in those cases
<msk> "may be forged" will appear in the Received: header in that case
<msk> so that may be why it got through
<dabb> I checked and the forward & reverse matched
<sub> fo you have feature(`access_db')?
<dabb> FEATURE(`access_db',`hash -T<TMPF> -o /etc/mail/access.db')dnl
<sub> remove the -o
<dabb> will do
<dabb> (thats how it was "out of the box")
<dabb> I was going to add that SStart rule for debugging and test some addresses that it didnt catch and see the flow
<dabb> will try to catch some tomorrow, slow night for spam (yay)... good night & thanks for the help as always
<Trengo> later
<dabb> msk/sub if you guys are here... continuing from last night...
<dabb> in my access_db, I have a block on user.veloxzone.com.br
<dabb> this is the first skip on message that got thru:
<dabb> Received: from 18913001197.user.veloxzone.com.br (18913030008.user.veloxzone.co
<dabb> m.br [189.13.30.8] (may be forged))
<sub> paste your maillog and not headers
<dabb> Jan 19 13:33:58 mail sendmail[12660]: ruleset=check_relay, arg1=20151040216.user.veloxzone.com.br, arg2=201.51.40.216, relay=20151040216.user.veloxzone.com.br [201.51.40.216], reject=550 5.0.0 Spam rejected.
<sub> What's the problem then?
<dabb> oops, wrong one
<dabb> Jan 19 13:30:51 mail sendmail[12401]: l0JLUnPG012401: from=<gaolstension's@abelia.no>, size=1891, class=0, nrcpts=1, msgid=<01c73c10$ca267610$6c822ecf@gaolstension's>, proto=ESMTP, daemon=MTA, relay=18913030008.user.veloxzone.com.br [189.13.30.8] (may be forged)
<dabb> the 189 resolves, but the long name doesnt resolve... maybe thats why it gets thru, defaults to the IP?
<sub> [189.13.30.8] (may be forged) <- definitely forged which is why it is not from 8913030008.user.veloxzone.com.br
<dabb> ok, that explains it then... thanks for the clarification
<dabb> one more if you have a sec... i do NOT have accept_unresolvable_domains on, yet this one got thru:
<dabb> Jan 19 13:48:34 mail sendmail[14246]: l0JLmX3d014246: from=<ret@www12.value-hunter.com>, size=2627, class=0, nrcpts=1, msgid=<2116740913.8059@www12.value-hunter.com>, proto=SMTP, daemon=MTA, relay=[216.10.65.142]
<sub> accept_unresolvable_domains applies to the email addresses
<dabb> ah ok


Name:

Comments:

Please enter the result of the sum 63 + 46 (to avoid spam):






Return to #sendmail
or
Go to some related logs:

politics
freebsd
worldcup
ubuntu
computers
thanksgiving thuoght
sdfghjklşi,
Barbara Burmudo