On Fri, Apr 07, 2006 at 09:41:56AM -0600, Jeff Ross wrote:
> Hi all,
>
> I've had several users reporting that mail to them from gmail and aol
> accounts has been bouncing. I finally got my hands on the bounce
> messages from one of the gmail messages. Two were Delivery Status
> Notifications like this:
>
> Delivery to the following recipient has been delayed:
>
> [EMAIL PROTECTED]
>
> Message will be retried for 1 more day(s)
>
> Technical details of temporary failure:
>
> TEMP_FAILURE: Could not initiate SMTP conversation with any hosts:
> [ a.mx.openvistas.net. (0): Connection dropped]
>
> culminating in the failure notice of:
>
> This is an automatically generated Delivery Status Notification
>
> Delivery to the following recipient failed permanently:
>
> [EMAIL PROTECTED]
>
> Technical details of permanent failure:
> TEMP_FAILURE: Probe failed: Server Too Busy
>
> I have the following gmail servers whitelisted in my /etc/whitelist
>
> #gmail
> 64.233.162.192/28 # zproxy gmail
> 64.233.170.192/28 # rproxy gmail
> 64.233.182.192/28 # nproxy gmail
> 64.233.184.192/28 # wproxy gmail
> 66.249.82.192/28 # xproxy gmail
> 66.249.92.192/28 # uproxy gmail
> 216.239.56.240/28 # mproxy gmail
>
> and, indeed, I don't see _any_ legitimate gmail addresses in spamdb.
> Right now there are two separate IP addresses allegedly from gmail
> accounts, but imagine my surprise that both resolve to something else
> entirely.
>
> spamdb is running with the system defaults with the exception of the port
> /usr/libexec/spamd -v -p 8024 -G 25:4:864 -g
>
> spamd.conf is using the China, Korea, Bob Beck's trapped list, and my
> own personal whitelist and blacklist.
>
> My next debugging attempt will be to have someone with a gmail account
> send mail while I'm running tcpdump on port 25.
>
> Has anyone else running spamd seen this? From my qmail logs, I see mail
> from gmail servers through March 23, but none since then.
>
> Thanks,
>
> Jeff
>
spamd's whitelist is really a non-blacklist. If gmail changes what
server IP the mail is coming from each time it retries the email, which
is bad for greylisting.
If you truly want to whitelist them, try something like this:
# pf.conf
table <mail-white> persist file "/var/mail/whitelist.txt"
# put before !<spamd-white> rdr
rdr on $ext inet proto tcp from <mail-white> to $ext:0 \
port smtp -> $ext:0 port smtp
