We're using spamdyke V 3.1.8 Here is fragment of the log:
Jul 11 09:32:16 localhost spamdyke[24982]: ALLOWED from: [EMAIL PROTECTED] to: [EMAIL PROTECTED] origin_ip: 221. 228.210.128 origin_rdns: (unknown) auth: (unknown) Jul 11 09:32:17 localhost spamdyke[24994]: INFO: querying 41.39.164.59.in-addr.arpa with DNS server 192.168.1.78:53 ( attempt 1) Jul 11 09:32:17 localhost spamdyke[24994]: INFO: received DNS packet: 168 bytes Jul 11 09:32:17 localhost spamdyke[24994]: INFO: received DNS response: PTR Jul 11 09:32:17 localhost spamdyke[24994]: INFO: found PTR record for 41.39.164.59.in-addr.arpa: 59.164.39.41.man-sta tic.vsnl.net.in here is fragment of header of this mail: Received: from unknown (HELO user-250901aa92) (221.228.210.128) by *myserver*.ru with SMTP; 11 Jul 2008 05:32:16 -0000 Received: from [221.228.210.128] by mailin1.pacific.net.au; Fri, 11 Jul 2008 There isn't strings with packet number 24982 in a log later. But BEFORE this I found the next: Jul 11 09:32:14 localhost spamdyke[24982]: INFO: querying 128.210.228.221.in-addr.arpa with DNS server 192.168.1.78:5 3 (attempt 1) Jul 11 09:32:14 localhost spamdyke[24982]: INFO: received DNS packet: 107 bytes Jul 11 09:32:14 localhost spamdyke[24982]: INFO: received DNS packet: 107 bytes Jul 11 09:32:14 localhost spamdyke[24982]: INFO: found no records for 128.210.228.221.in-addr.arpa You can see this log (fragment) in attachment. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 13:32:16 +0800 On Thu, 10 Jul 2008 10:42:32 -0500 Sam Clippinger <[EMAIL PROTECTED]> wrote: > What version of spamdyke are you using? Can you increase your log level > to 4 and send me the log output from one of these deliveries? I would > like to see the details of the DNS queries. > > -- Sam Clippinger > > N.Novozhilov wrote: > > Here is a quote from my spamdyke.conf: > > > > reject-empty-rdns > > reject-unresolvable-rdns > > reject-ip-in-cc-rdns > > > > BTW - spamdyke works with file "blacklist_keywords" not so good as we > > need... > > > > On Thu, 10 Jul 2008 13:50:24 +0200 > > David Stiller <[EMAIL PROTECTED]> wrote: > > > > > >> You could block "origin_rdns: (unknown)" with a config-option: reject- > >> empty-rdns > >> > >> > >> > >> > >> Am 10.07.2008 um 13:17 schrieb N.Novozhilov: > >> > >> > >>> Hi Sam! > >>> > >>> My users receive more and more spam last time. And I see (rarely) > >>> in headers and in > >>> logs the next picture: > >>> > >>> spamdyke[2918]: ALLOWED from: [EMAIL PROTECTED] to: > >>> [EMAIL PROTECTED] > >>> origin_ip: 190.232.71.105 origin_rdns: (unknown) auth: (unknown) > >>> > >>> Sender IP isn't in whitelist (whitelist_ip), target name absent in > >>> whitelist > >>> (whitelist_recipients), this user can't log by smtp and this IP > >>> isn't in tcp.rules. > >>> > >>> Why mails like this are allowed time to time? > >>> > >>> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > >>> Regards > >>> Nicholas A. Novozhilov, NAN6-RIPE > >>> > >>> NTR Lab > >>> System administrator > >>> _______________________________________________ > >>> spamdyke-users mailing list > >>> [email protected] > >>> http://www.spamdyke.org/mailman/listinfo/spamdyke-users > >>> > >> David Stiller > >> Technischer Support > >> > >> Blackbit Neue Medien GmbH > >> Ernst-Ruhstrat-Straße 6 - D-37079 Göttingen > >> > >> tel.: +49 [551] 50675-60 - fax.: +49 [551] 50675-20 > >> email: [EMAIL PROTECTED] - hotline: [EMAIL PROTECTED] > >> > >> Klassische Werbung und Online-Marketing: http://www.blackbit.de > >> Software für Online-Marketing: http://www.go-community.de > >> > >> Amtsgericht Göttingen: HRB 3222 > >> USt-IdNr.: DE 813114917 > >> Geschäftsführer: Herr Stefano Viani > >> > >> > >> > >> Vertraulichkeit > >> Diese Nachricht ist vertraulich. Falls Sie nicht der in dieser > >> Nachricht bezeichnete Empfänger sind, informieren Sie uns bitte > >> sobald wie möglich und bewahren Sie Stillschweigen über den Inhalt. > >> Danke für Ihr Verständnis. Bitte beachten Sie, daß jede an uns > >> gesandte E-Mail über das Sekretariat an den gewünschten Empfänger > >> weitergeleitet wird. Vorsorglich weisen wir darauf hin, dass der > >> Empfang von E-Mails aus technischen oder betrieblichen Gründen > >> gestört sein kann. Dies gilt selbst dann, wenn Sie diese automatisch > >> erzeugte E-Mail störungsfrei lesen können. Wegen des nicht > >> kontrollierbaren Transportweges einer E-Mail ist auch nicht > >> sichergestellt, dass ihr Inhalt nur berechtigten Personen bekannt > >> wird. Bitte senden Sie Briefe, Mitteilungen oder sonstige > >> Erklärungen, deren Inhalt vertraulich ist oder die rechtliche Wirkung > >> entfalten sollen, nicht per E-Mail, sondern auf herkömmlichem Wege. > >> Wir behalten uns vor, falls nicht im Einzelfall ausdrücklich etwas > >> anderes vereinbart ist, E-Mail keine rechtliche Wirkung beizumessen, > >> sofern diese nicht gegen unberechtigte (Ver-)Fälschung gesichert sind. > >> > >> Confidentiality > >> This communication is confidential. If you are not the person or > >> entity to whom it is addressed please notify the sender immediately; > >> do not disclose the information or make any use of it. Thank you for > >> your kind assistance. Please note that e-mails sent to us do not > >> reach the addressee directly but are received and distributed by our > >> secretariat. As a matter of precaution we would like to point out > >> that problems may arise with the reception of e-mails as a result of > >> technical or operational factors. This remains the case even if you > >> are able to read this automatically generated e-mail correctly. > >> Furthermore, as it is not possible to monitor the transmission route > >> of an e-mail message, it cannot be guaranteed that its content will > >> become known only to authorised persons. We therefore request you to > >> send any communications, notifications or other correspondence with > >> confidential content, or which are intended to give rise to a legally > >> binding effect, not by e-mail, but by traditional means. We reserve > >> the right, except as expressly otherwise agreed in any particular > >> instance, not to recognise the legal effectiveness of any e-mail that > >> is not protected against unauthorised alteration or falsification. > >> > >> _______________________________________________ > >> spamdyke-users mailing list > >> [email protected] > >> http://www.spamdyke.org/mailman/listinfo/spamdyke-users > >> > > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > Regards > > Nicholas A. Novozhilov, NAN6-RIPE > > > > NTR Lab > > System administrator > > _______________________________________________ > > spamdyke-users mailing list > > [email protected] > > http://www.spamdyke.org/mailman/listinfo/spamdyke-users > > > _______________________________________________ > spamdyke-users mailing list > [email protected] > http://www.spamdyke.org/mailman/listinfo/spamdyke-users ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Regards Nicholas A. Novozhilov, NAN6-RIPE NTR Lab System administrator
maillog
Description: Binary data
_______________________________________________ spamdyke-users mailing list [email protected] http://www.spamdyke.org/mailman/listinfo/spamdyke-users
