Re: [spamdyke-users] Strage happend (time to time)

Thu, 10 Jul 2008 06:05:19 -0700 

Hi Carlo,

yes probably that's a case, too.

But what i expected was that the line:

>>> spamdyke[2918]: ALLOWED from: [EMAIL PROTECTED] to:
>>> [EMAIL PROTECTED]
>>> origin_ip: 190.232.71.105 origin_rdns: (unknown) auth: (unknown)


should have matched rdns_missing, like this from my server:

Jul 10 14:36:00 plesk-mail spamdyke[13625]:
        DENIED_RDNS_MISSING
        from: [EMAIL PROTECTED]
        to: [EMAIL PROTECTED]
        origin_ip: 202.136.147.191
        origin_rdns: (unknown)
        auth: (unknown)



Am 10.07.2008 um 14:45 schrieb Carlo Blohm:

> Hi,
>
> I had the same configuration and i getting more and more spams in  
> the last weeks, so i guess anybody has found new spam method or  
> bots that are not listed in rbl's and have a good configured ip...
>
> I hope someone gets an idea to fight against this.
>
> Regards,
>
> carlo
>
>
>
> Maus Computer
> C. Jesse
> Dorfstr. 17
> 16356 Ahrensfelde
> Tel. : 030 666 480 30
> Fax : 030 666 480 33
> Mail : [EMAIL PROTECTED]
>
> -----Ursprüngliche Nachricht-----
> Von: [EMAIL PROTECTED] [mailto:spamdyke-users- 
> [EMAIL PROTECTED] Im Auftrag von N.Novozhilov
> Gesendet: Donnerstag, 10. Juli 2008 14:07
> An: [email protected]
> Betreff: Re: [spamdyke-users] Strage happend (time to time)
>
> Here is a quote from my spamdyke.conf:
>
> reject-empty-rdns
> reject-unresolvable-rdns
> reject-ip-in-cc-rdns
>
> BTW - spamdyke works with file "blacklist_keywords" not so good as  
> we need...
>
> On Thu, 10 Jul 2008 13:50:24 +0200
> David Stiller <[EMAIL PROTECTED]> wrote:
>
>> You could block "origin_rdns: (unknown)" with a config-option:  
>> reject-
>> empty-rdns
>>
>>
>>
>>
>> Am 10.07.2008 um 13:17 schrieb N.Novozhilov:
>>
>>> Hi Sam!
>>>
>>> My users receive more and more spam last time. And I see (rarely) in
>>> headers and in logs the next picture:
>>>
>>> spamdyke[2918]: ALLOWED from: [EMAIL PROTECTED] to:
>>> [EMAIL PROTECTED]
>>> origin_ip: 190.232.71.105 origin_rdns: (unknown) auth: (unknown)
>>>
>>> Sender IP isn't in whitelist (whitelist_ip), target name absent in
>>> whitelist (whitelist_recipients), this user can't log by smtp and
>>> this IP isn't in tcp.rules.
>>>
>>> Why mails like this are allowed time to time?
>>>
>>> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>>> Regards
>>> Nicholas A. Novozhilov, NAN6-RIPE
>>>
>>>  NTR Lab
>>>  System administrator
>>> _______________________________________________
>>> spamdyke-users mailing list
>>> [email protected]
>>>


_______________________________________________
spamdyke-users mailing list
[email protected]
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Reply via email to