Bob Proulx wrote:
Matt Kettler wrote:
Bob Proulx wrote:
What is the policy to report spam coming from systems in the
RCVD_IN_DNSWL_MED? I just recently got so many that I disabled
that whitelist.
Um... the spam was posted to a mailing list.... [EMAIL PROTECTED]
The list server is the one in DNSWL_MED...
No. You latched onto the wrong received line. I also failed to
include the SA report which would have made it obvious and so it was
my fault. Sorry about that. Here is the server in the whitelist:
-4.0 RCVD_IN_DNSWL_MED RBL: Sender listed at http://www.dnswl.org/,
medium trust
[128.30.16.9 listed in list.dnswl.org]
host 128.30.16.9
9.16.30.128.in-addr.arpa domain name pointer zurich.csail.mit.edu.
Yes, you're right, GNU is only in DNSWL LOW, and this message *SHOULD*
have matched that, not med..
One MAJOR problem you have is your mailserver isn't generating Received:
headers. It's not a complete solve for your problem, but it's a source
of dozens of problems your system is currently suffering. Pretty much
every DNSBL test isn't working correctly..
Since your network never generated a Received: header, SpamAssassin
concludes that lists.gnu.org is your network, because clearly the most
recent Received: header needs to have been generated by your network.
since email can't teleport magically, and all hosts that receive a
message over SMTP must generate a Received header, by RFC spec this
needs to be true.
The DNSWL test is supposed to get get applied to the host that drops
email off at the border of your network.. ie: your MX.
Once SA figure's your running gnu.org, it looks back to find the first
host outside your network.. ahh, zurich.csail.mit.edu.. ok, we'll DNSWL
on that, because that's who gave it to your network...
Fix your system to generate Received: headers, and make sure SA's trust
path is working properly.. Right now, it's getting garbage in, so you're
getting garbage out.
(note: this should also fix ALL_TRUSTED misfires, as well as NO_RELAYS
misfires (Neither should ever fire for email that isn't locally generated)
