Did check that - there was no "web.de" anywhere to find.
Is it safe to empty the ldaplistdb?
Is it normal that some entries in it contain line breaks?
Example:
@ziborski.net|::|[2018-01-30,06:24:27]
@ziborski.net
|::|[2018-01-30,08:03:05] VRFY
@ziborski.net>
|::|[2018-01-30,06:24:27]
I've checked all of those:
https://assp.my.net:55555/edit?file=DB-ldaplistdb¬e=1
https://assp.my.net:55555/edit?file=DB-LDAPShowDB¬e=8
(I guess it's the very same content)
./database/ldaplist
./ldaplist
./mysql/dbbackup/ldaplist*
Couldn't find "web.de" there.
Several weeks ago I did have a route (transport setting in postfix) for
outgoing e-mails to web.de through another server, but that shouldnt
touch local domains (?)
BTW, when manually testung VRFY on the internal port for ASSP->Postfix I
get following:
220 mx1.safemail.at ESMTP Postfix
EHLO localhost
250-mx1.safemail.at
250-PIPELINING
250-SIZE 31457280
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
VRFY postmaster
252 2.0.0 postmaster
VRFY postmas...@safemail.at
252 2.0.0 postmas...@safemail.at
VRFY postmas...@google.com
252 2.0.0 postmas...@google.com
VRFY postmas...@web.de
252 2.0.0 postmas...@web.de
VRFY blahblah
550 5.1.1 <blahblah>: Recipient address rejected: User unknown in local
recipient table
VRFY blahb...@web.de
252 2.0.0 blahb...@web.de
QUIT
221 2.0.0 Bye
Thank you,
best regards,
Zrin
Am 30.01.2018 um 09:18 schrieb Thomas Eckardt:
check the content of 'ldaplistdb' and remove all nolocal domain entries.
eg.
@web.de
Thomas
Von: "Zrin Ziborski" <zrin+a...@ziborski.net>
An: "ASSP development mailing list" <assp-test@lists.sourceforge.net>
Datum: 29.01.2018 16:24
Betreff: [Assp-test] UnknownLocalSender / SpoofedSender for non-local
domain
------------------------------------------------------------------------
ASSP version 2.5.5(17223)
Helo all,
I've noticed [UnknownLocalSender] and [SpoofedSender] in the log for an
external incoming e-mail that has non-local from address:
2018/01/03 20:47:08 08828-29715 [Worker_1] [TLS-in] 212.227.15.4
<xxx....@web.de> info: found message size announcement: 9.62 kByte
2018/01/03 20:47:08 08828-29715 [Worker_1] [TLS-in] [UnknownLocalSender]
212.227.15.4 <xxx....@web.de> [monitoring] (Invalid Local Sender
'xxx....@web.de')
2018/01/03 20:47:08 08828-29715 [Worker_1] [TLS-in] [SpoofedSender]
212.227.15.4 <xxx....@web.de> [scoring] (No Spoofing Allowed
'xxx....@web.de' in 'mailfrom')
2018/01/03 20:47:08 08828-29715 [Worker_1] [TLS-in] 212.227.15.4
<xxx....@web.de> Message-Score: added 37 (slValencePB) for No Spoofing
Allowed 'xxx....@web.de' in 'mailfrom', total score for this message is
now 37
2018/01/03 20:47:09 08828-29715 [Worker_1] [TLS-in] 212.227.15.4
<xxx....@web.de> to: rrr....@defrance.at info: remove IP-score from
212.227.15.4 - this mail passed the SPF check
2018/01/03 20:47:09 08828-29715 [Worker_1] [TLS-in] 212.227.15.4
<xxx....@web.de> to: rrr....@defrance.at Message-Score: added -5
(spfpValencePB) for SPF pass, total score for this message is now 32
Settings:
LocalAddresses_Flat: <empty>
localDomains: file:files/localdomains.txt <file://files/localdomains.txt>
DoVRFY: on
files/localdomains.txt does NOT contain "web.de".
LDAP is not used there.
What can cause this behavior?
What can I do to debug that?
Thank you in advance,
Zrin
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test
