Andrew W. Donoho wrote:
> Theo,
>
> It may be that I do not properly know how to use DiG but CommuniGate
> Pro has been making pointer queries for me for over two years. That
> does not change the fact that the messages I received to my postmaster
> account from incubator.apache.org indicate that the list is being
> bounced due to non-existent rDNS records. Since Fred
> <mailto:[EMAIL PROTECTED]> is also seeing bounces, this is a
> new behavior for the apache.org mail system.
I'm back! I tried tracking this down and could not find the host used to
send the message. The only indication I received was an Ezmlm warning
message which I am attaching to this message. It shows a large number of
bounces starting around message # 6101 and lasting through 6114.
In the error during transmition of 6114, my SA flagged the message 6.679
points, blocking mainly due to "FH_RELAY_NODNS" which is a rule I developed
in conjunction with MIMEDefang to check for the presense of [ ] 's in the
hostname, if found meaning a reverse name was not received.
Using MIMEDefang, I add a header of X-HOST with the reverse dns name of the
connecting host. Then the rule is as follows:
header FH_RELAY_NODNS X-HOST =~
/^\[\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\]$/
describe FH_RELAY_NODNS We could not determine your Reverse DNS
score FH_RELAY_NODNS 5.73
In order to whitelist the SA group, I use the following nice rule, should
this be increased to include more hosts?
header FH_GOOD_IP_20 Received =~
/(?:208\.185\.179\.12|209\.237\.227\.199)/
describe FH_GOOD_IP_20 Comes from SpamAssassin Mail list
score FH_GOOD_IP_20 -250
--- Begin Message ---
Hi! This is the ezmlm program. I'm managing the
[EMAIL PROTECTED] mailing list.
Messages to you from the spamassassin-dev mailing list seem to
have been bouncing. I've attached a copy of the first bounce
message I received.
If this message bounces too, I will send you a probe. If the probe bounces,
I will remove your address from the spamassassin-dev mailing list,
without further notice.
I've kept a list of which messages from the spamassassin-dev mailing list have
bounced from your address.
Copies of these messages may be in the archive.
To retrieve a set of messages 123-145 (a maximum of 100 per request),
send an empty message to:
<[EMAIL PROTECTED]>
To receive a subject and author list for the last 100 or so messages,
send an empty message to:
<[EMAIL PROTECTED]>
Here are the message numbers:
6114
6112
6108
6106
6101
6107
6105
6110
6111
6109
6115
6113
6104
6323
--- Enclosed is a copy of the bounce message I received.
Return-Path: <>
Received: (qmail 31679 invoked for bounce); 12 May 2004 10:46:33 -0000
Date: 12 May 2004 10:46:33 -0000
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: failure notice
Hi. This is the qmail-send program at apache.org.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.
<[EMAIL PROTECTED]>:
64.243.208.19 failed after I sent the message.
Remote host said: 554 5.7.1 Message rejected, SpamAssassin scored: 6.679 points
TESTS=FH_RELAY_NODNS,HELO_MISMATCH_ORG,NO_REAL_NAME
--- End Message ---
