REVDNS 10 IS (Timeout)
- Original Message -
From: Markus Gufler [EMAIL PROTECTED]
To: Declude.JunkMail@declude.com
Sent: Monday, December 12, 2005 1:42 AM
Subject: RE: [Declude.JunkMail] REVDNS
I think it may be (timeout). I know Scott
Fisher posted a filter the other day
, December 12, 2005 7:42 AM
Subject: RE: [Declude.JunkMail] REVDNS
I think it may be (timeout). I know Scott
Fisher posted a filter the other day that had the exact text
on what it is when rev dns times out.
It was a message from Scott Fisher on the cbl-thread and as I can see he
posted
-
From: [EMAIL PROTECTED] [mailto:Declude.JunkMail-
[EMAIL PROTECTED] On Behalf Of Serge
Sent: Monday, December 12, 2005 9:54 AM
To: Declude.JunkMail@declude.com
Subject: Re: [Declude.JunkMail] REVDNS
So it would be interesting know what's exactly in his text filter
file
REVDNS-TIMEOUT
I'm going to try
REVDNS END CONTAINS (timeout)
Can you send a message from an IP who will timeout for REVDNS?
Declude support?
Markus
---
[This E-mail was scanned for viruses by Declude EVA www.declude.com]
---
This E-mail came from the Declude.JunkMail mailing list. To
unsubscribe, just
Subject: Re: [Declude.JunkMail] REVDNS
REVDNS 10 IS (Timeout)
- Original Message -
From: Markus Gufler [EMAIL PROTECTED]
To: Declude.JunkMail@declude.com
Sent: Monday, December 12, 2005 1:42 AM
Subject: RE: [Declude.JunkMail] REVDNS
I think it may be (timeout). I know Scott
should this be (Timeout) or (timeout) ?
- Original Message -
From: Scott Fisher [EMAIL PROTECTED]
To: Declude.JunkMail@declude.com
Sent: Monday, December 12, 2005 2:58 PM
Subject: Re: [Declude.JunkMail] REVDNS
REVDNS 10 IS (Timeout)
- Original Message -
From: Markus
: [Declude.JunkMail] REVDNS
should this be (Timeout) or (timeout) ?
- Original Message -
From: Scott Fisher [EMAIL PROTECTED]
To: Declude.JunkMail@declude.com
Sent: Monday, December 12, 2005 2:58 PM
Subject: Re: [Declude.JunkMail] REVDNS
REVDNS 10 IS (Timeout)
- Original
It is (Timeout), but Declude isn't case sensative.
- Original Message -
From: Serge [EMAIL PROTECTED]
To: Declude.JunkMail@declude.com
Sent: Monday, December 12, 2005 9:14 AM
Subject: Re: [Declude.JunkMail] REVDNS
should this be (Timeout) or (timeout) ?
- Original Message
Spamdomains tests do not trigger on a REVDNS Timeout.
- Original Message -
From: Markus Gufler [EMAIL PROTECTED]
To: Declude.JunkMail@declude.com
Sent: Monday, December 12, 2005 9:14 AM
Subject: RE: [Declude.JunkMail] REVDNS
Thank you Scott,
Serge, why do you use such a filter
Is a REVDNS-timeout such a frequent thing?
Markus
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Scott Fisher
Sent: Monday, December 12, 2005 4:31 PM
To: Declude.JunkMail@declude.com
Subject: Re: [Declude.JunkMail] REVDNS
Spamdomains tests
:45 AM
Subject: RE: [Declude.JunkMail] REVDNS
Is a REVDNS-timeout such a frequent thing?
Markus
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Scott Fisher
Sent: Monday, December 12, 2005 4:31 PM
To: Declude.JunkMail@declude.com
Subject: Re
all the details,
try checking the archives.
- Original Message -
From: Markus Gufler [EMAIL PROTECTED]
To: Declude.JunkMail@declude.com
Sent: Monday, December 12, 2005 3:14 PM
Subject: RE: [Declude.JunkMail] REVDNS
Thank you Scott,
Serge, why do you use such a filter? A SpamDomain
.
Andrew 8)
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Serge
Sent: Monday, December 12, 2005 8:36 AM
To: Declude.JunkMail@declude.com
Subject: Re: [Declude.JunkMail] REVDNS
I use tests that were posted long time ago by kami I use them
I have good homail messages failing the false hotmail test below
the reason is REVDNS timeouts
the filter should end at the first line, but does not
any workarround?
REVDNS END ENDSWITH .hotmail.com
MAILFROM 3 ENDSWITH @hotmail.com
HELO 5 ENDSWITH hotmail.com
---
[This E-mail was scanned
]
To: Declude.JunkMail@declude.com
Sent: Sunday, December 11, 2005 7:15 PM
Subject: [Declude.JunkMail] REVDNS
I have good homail messages failing the false hotmail test below
the reason is REVDNS timeouts
the filter should end at the first line, but does not
any workarround?
REVDNS END
I think it may be (timeout). I know Scott
Fisher posted a filter the other day that had the exact text
on what it is when rev dns times out.
It was a message from Scott Fisher on the cbl-thread and as I can see he
posted a line
TESTSFAILED 50 CONTAINS REVDNS-TIMEOUT
So it would be
I was looking through my reports and found that
around the end ofJune the number of email that failed the REVDNS test went
way up.
Juneand earlier it was common to have 20% -
25% of mail trip this test. July on I am seeing 70% - 90% of all email
fail.
We had not made any changes that I am
Title: Message
Look
atthen DNS server that declude uses
Kevin
Bilbee
-Original Message-From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of ToddSent: Wednesday, August 24, 2005 7:16
PMTo: Declude.JunkMail@declude.comSubject:
[Declude.JunkMail] REVDNS
Hi,
In a message I received
today:
X-REVDNS: This E-mail was sent from
(timeout) ([83.132.120.87]).X-Country-Chain: UNITED
STATES-PORTUGAL-destination
I would think withDeclude infolike this in the headers,
the message would have failed REVDNS and ROUTING, but it didn't trip either
Subject: [Declude.JunkMail] REVDNS /
ROUTING
Hi,
In a message I received
today:
X-REVDNS: This E-mail was sent from
(timeout) ([83.132.120.87]).X-Country-Chain: UNITED
STATES-PORTUGAL-destination
I would think withDeclude infolike this in the
headers
Why did this fail the REVDNS test? If I do a reverse DNS
lookup for precisionx.net I get a valid PTR record back.
TIA
Received: from precisionx.net [216.119.112.51] by fpmamail.com with ESMTP
(SMTPD32-6.06) id A02C4790076; Fri, 04 Jun 2004 11:07:24 -0400
Received: from DedA50 [216.119.112.51]
Why did this fail the REVDNS test? If I do a reverse DNS
lookup for precisionx.net I get a valid PTR record back.
Reverse DNS is different than forward DNS. Reverse DNS takes an IP and
returns the host name (using a PTR record); forward DNS usually takes a
host name and returns an IP (using an
OK, thanks.
Jose
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of R. Scott Perry
Sent: Friday, June 04, 2004 11:42 AM
To: [EMAIL PROTECTED]
Subject: RE: [Declude.JunkMail] REVDNS Failure question
I guess I'm confused as to why it's coming from this IP
:32 AM
To: [EMAIL PROTECTED]
Subject: Re: [Declude.JunkMail] REVDNS Failure question
Why did this fail the REVDNS test? If I do a reverse DNS
lookup for precisionx.net I get a valid PTR record back.
Reverse DNS is different than forward DNS. Reverse DNS takes an IP and
returns the host name
I guess I'm confused as to why it's coming from this IP
216.119.112.51 when I've specified the MX record for precisionx.net
to point to 65.110.77.72
That I can't explain -- you would need to check with the documents for the
inFusion email Server that sent the mail to see how to get it to use a
: RE: [Declude.JunkMail] REVDNS Failure question
OK, thanks.
Jose
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of R. Scott Perry
Sent: Friday, June 04, 2004 11:42 AM
To: [EMAIL PROTECTED]
Subject: RE: [Declude.JunkMail] REVDNS Failure question
I guess I'm
I've solved this problem, thanks; it was related to a mail server
config problem. Now, the IPNOTINMX test is failing for precisionx.net
and I'm not sure why since the MX record is pointing to 65.110.77.72
(http://dnsstuff.com/tools/lookup.ch?name=precisionx.nettype=MX)
X-Declude-Sender: [EMAIL
I'm curious as to what others are doing concerning the weight assigned to
the revdns test. How much weight do you assign to your revdns test, as a
percentage of your hold or delete limit? Our percentage is currently at 25%
(10/40).
Thanks,
Greg
---
[This E-mail was scanned for viruses by
negative rDNS scores 5. No hold or delete. Subject line maker SPAM-VHIGH @
30+.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of System
Administrator
Sent: 11 December 2003 13:01
To: [EMAIL PROTECTED]
Subject: [Declude.JunkMail] revdns weight question
I'm
Greg,
20% of our hold weight on our primary mx
30% of our hold weight on our backup mx
Darrell
Check Out DLAnalyzer a comprehensive reporting tool for
Declude Junkmail Logs - http://www.dlanalyzer.com
System Administrator writes:
I'm curious
Is it accurate to say that a filter in DECLUDE Pro using REVDNS is more efficient and
runs faster
than a filter using BODY?
My standard procedure was to add a BODY filter that contains the domain of a link
found in the spam
messages that make it through other tests. This makes sure that they
Is it accurate to say that a filter in DECLUDE Pro using REVDNS is more
efficient and runs faster
than a filter using BODY?
Yes, it is (simply because the reverse DNS entry is much shorter than the
body of the E-mail, so there is less searching to do).
My standard procedure was to add a BODY
Hi,
I've been using this filter with success:
REVDNS -100 ENDSWITH .shawcable.net
But what happens if :
X-Declude-Sender: [EMAIL PROTECTED] [204.209.208.8]
Does that test match the ip address to yahoo.com?
Or if the ip addresses reverses to shawcable.net, it will let it through
even if
I've been using this filter with success:
REVDNS -100 ENDSWITH .shawcable.net
But what happens if :
X-Declude-Sender: [EMAIL PROTECTED] [204.209.208.8]
Does that test match the ip address to yahoo.com?
Not in this specific case (since 204.209.208.8 doesn't have a reverse DNS
entry, even
. Scott Perry [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, September 16, 2003 11:45 AM
Subject: Re: [Declude.JunkMail] RevDNS
I'm guessing that your local DNS server thinks that it is
authoritative for
reverse DNS lookups, but doesn't have a reverse DNS entry for
209.7.3.194
.
- Original Message -
From: "R. Scott Perry" [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, September 16, 2003 11:45 AM
Subject: Re: [Declude.JunkMail] RevDNS
I'm guessing that your local DNS server thinks that it is
aut
Hi all,
I've had this problem for a while, and although I found a way around it, I
want to get it corrected
so that I don't see this warning...anyway...
My work is behind a firewall, this firewall, contains 3 zones:
Our Private network with a 192.168.x.x IP range
Our DMZ
and the Internet
- Original Message -
From: EN [EMAIL PROTECTED]
The firewall does NAT to hide all our machines behind one IP which is
designated on the firewall.
When a user sends email while using the web interface of Imail, all is
well.
When a user sends an email using Outlook Express, then
I've had this problem for a while, and although I found a way around it, I
want to get it corrected
so that I don't see this warning...anyway...
My work is behind a firewall, this firewall, contains 3 zones:
Our Private network with a 192.168.x.x IP range
Our DMZ
and the Internet Zone
The
. Scott Perry [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, September 16, 2003 10:06 AM
Subject: Re: [Declude.JunkMail] RevDNS
I've had this problem for a while, and although I found a way around
it, I
want to get it corrected
so that I don't see this warning...anyway...
My
I'm guessing that your local DNS server thinks that it is authoritative for
reverse DNS lookups, but doesn't have a reverse DNS entry for 209.7.3.194.
When you say local, you are talking about the internal Private DNS server,
right?
By local I mean the DNS server that IMail uses.
Or the dns
, September 02, 2003 4:40 PM
To: [EMAIL PROTECTED]
Subject: RE: [Declude.JunkMail] REVDNS and HELOBOGUS
We only white list after emailing the user and the mail admin. It is in
their best interest to fix the RDNS and HELO bogus issues.
Attached is the email I send to them.
Why should I slow
Hello,
We get a lot of false postives from sites that fail two of three simple
tests such as REVDNS, HELOBOGUS and BADHEADERS which combined have just
enough weight (10 to12 ), to get tagged as spam. I have been whitelisting
as I learn about them, which seems to be approx one to three
: [Declude.JunkMail] REVDNS and HELOBOGUS
Hello,
We get a lot of false postives from sites that fail two of three simple
tests such as REVDNS, HELOBOGUS and BADHEADERS which combined have just
enough weight (10 to12 ), to get tagged as spam. I have been whitelisting
as I learn about them, which
I reduced the scores of those test's. Messages that fail BAHDEADERS
seem to often fail HELOBOGUS in my experience. It would be good to know
the error code returned by the BADHEADERS test because this shouldn't be
failed by most mailing applications (even automated ones). If you look
in your
Title: Message
Hi;
A while back I
suggested a test based on REVDNS. The idea was simply trying to track
spammers that are not just occasional senders but do this on a much larger
scale.
Since then we
started tracking REVDNS of all addresses that send more than 1 email in a
batch. Simply
the dns servers are 208.13.150.92 and 208.13.150.91 set in imail...
Those servers seem to be responding properly.
In this case, I would suggest using the debug mode. To use the debug mode,
you can change the LOGLEVEL LOW line in \IMail\Declude\global.cfg to
LOGLEVEL DEBUG. Then, after an
perhaps it's too early - but I notice these being tagged as revdns
failed - this just started a couple days ago - can someone more awake
than I, help - I am off to get some coffee...the imgate machine is my
postfix gateway...it is trying to send me a report that it itself is
blocking due to
perhaps it's too early - but I notice these being tagged as revdns
failed ...
Received: from IMGate.Mailstop7.com [208.13.150.9] by mailstop7.com with
ESMTP (SMTPD32-7.13) id A93013FE0108; Sun, 05 Jan 2003 18:01:04 -0500
This is the only header that has an IP address, so this should be
Scott, I've now been running DECLUDE for two days and from a first look,
I like the product. However, it has been catching a large number of
valid messages and I'm wondering what actions to take with them. The
most common failures are on REVDNS,
That one does have a lot of false positives --
Scott, I've now been running DECLUDE for two days and from a first look,
I like the product. However, it has been catching a large number of
valid messages and I'm wondering what actions to take with them. The
most common failures are on REVDNS, HELOBOGUS and WEIGHT10. I remember
reading about
I have a question about the REVDNS test. We are hosting our customers
email on a server at one of our POP's and reverse DNS is being done for the
virtual email server. The reverse DNS states only the domain name and not
does not have 'mail' specfied in the reverse DNS.
Email Server IP:
Can I get more info on how the REVDNS test is done? We have half a
class C so our upstream provider does our reverse DNS. Apparently
somewhere along the line they dropped the config for us and we didn't
have reverse dns set up for mail.sirc.ca. After much email back and
forth, yesterday they
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of Susan Duncan
Sent: Tuesday, March 12, 2002 9:30 AM
To: Declude List
Subject: [Declude.JunkMail] REVDNS test
Can I get more info on how the REVDNS test is done? We have half a
class C so our upstream
Can I get more info on how the REVDNS test is done?
It's a standard reverse DNS lookup -- for more details, you'll need to go
to the RFCs.
We have half a class C so our upstream provider does our reverse DNS.
That's fine. They can either handle it, or delegate your half of the class
C to
Ok, now I'm confused. Are you saying then that even though all the machines in my
network are assigned IP addresses via DHCP, that I have to have each of those
address resolve to something in the reverse DNS? I think most people would only
list servers, not workstations in DNS. I don't even
Ok, now I'm confused. Are you saying then that even though all the
machines in my
network are assigned IP addresses via DHCP, that I have to have each of those
address resolve to something in the reverse DNS? I think most people
would only
list servers, not workstations in DNS. I don't even
57 matches
Mail list logo
