On Aug 3, 2006, at 2:19 AM, [EMAIL PROTECTED] wrote:
I dowonloaded rules-du-jour script from SARE (Rules emporium) site and executed it. SMTP services started blocking all incoming mails. the following are logs in smtp current log file; 2006-08-03 08:45:18.687385500 rblsmtpd: 217.146.188.116 pid 3450: 451Blocked - Reverse DNS queries for your IP fail. You cannot send me mail.2006-08-03 08:45:19.845827500 rblsmtpd: 61.191.136.82 pid 3451: 451Blocked - Reverse DNS queries for your IP fail. You cannot send me mail.I them edited tcp.smtp file and removed this entry "RBLSMTPD="Blocked -Reverse DNS queries for your IP fail. You cannot send me mail."The server started accepting mails again. Can someone help me explain whythis happened. My server was working before installing rules-du-jour script.
heh - i encountered the same problem recently. here's my (incomplete) understanding of what's going on:
read the rblsmtpd man page (http://cr.yp.to/ucspi-tcp/ rblsmtpd.html). according to it:
If the $RBLSMTPD environment variable is set and is nonempty, rblsmtpd blocks mail. It uses $RBLSMTPD as an error message for the client. Normally rblsmtpd runs under tcpserver; you can use tcprules to set $RBLSMTPD for selected clients.
If $RBLSMTPD is set and is empty, rblsmtpd does not block mail.If $RBLSMTPD is not set, rblsmtpd looks up $TCPREMOTEIP in the RBL, and blocks mail if $TCPREMOTEIP is listed. tcpserver sets up $TCPREMOTEIP as the IP address of the remote host.
so, the way i read this, your entry "RBLSMTPD="Blocked - Reverse DNS queries for your IP fail. You cannot send me mail." in tcp.smtp sets the environment variable $RBLSMTPD. i figure you must have been setting this value for all incoming hosts; perhaps your tcp.smtp file had a line like this:
:"RBLSMTPD="Blocked - Reverse DNS queries for your IP fail. You cannot send me mail."
since there's nothing before the colon, it matches all hosts, and thus blocks all hosts.
my understanding is that you shouldn't need to explicitly add a line like this, unless there are specific addresses or networks that you want to block permanently (perhaps you might want to add permanent block lines for the RFC1918 nonroutable networks, as a safeguard against malicious or misconfigured hosts - but if you're using a nonroutable network address, don't block it!)
-steve --If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v
---------------------------------------------------------------------
QmailToaster hosted by: VR Hosted <http://www.vr.org>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
