Article 13161 at 08/06/05 08:04:51 From: webhosting (at mark) yahoo.com Subject: [coba-e:13161] Re: Another Strange Sendmail Error

Index: [Article Count Order] [Thread]
Date:  Wed, 4 Jun 2008 16:04:49 -0700 (PDT)
From:  Dan Kriwitsky <webhosting (at mark) yahoo.com>
Subject:  [coba-e:13161] Re: Another Strange Sendmail Error
To:  coba-e (at mark) bluequartz.org
Message-Id:  <121318.35803.qm (at mark) web65603.mail.ac4.yahoo.com>
In-Reply-To:  <0e2401c8c66d$37a738e0$6601a8c0@OfficeKen>
X-Mail-Count: 13161


--- "Ken Marcus - Precision Web Hosting, Inc." <kenmarcus (at mark) precisionweb.net>
wrote:

> 
> ----- Original Message ----- 
> From: "Dan Kriwitsky" <webhosting (at mark) yahoo.com>
> To: <coba-e (at mark) bluequartz.org>
> Sent: Wednesday, June 04, 2008 8:10 AM
> Subject: [coba-e:13155] Re: Another Strange Sendmail Error
> 
> 
> >
> > --- Richard Siddall <cobalt (at mark) elirion.net> wrote:
> >
> >> Dan Kriwitsky wrote:
> >> > Sorry to f'up to my own post, but here's another example (full
> headers)
> >> to
> >> > see if anyone has any idea how this is happening.:
> >> >
> >> [snip]
> >> > Right there in access is:
> >> > retail.telecomitalia.it[TAB]REJECT
> >> >
> >>
> >> Dan,
> >>
> >> Are you sure that is the access file sendmail is using?  Can you
> change
> >> the contents via the BQ GUI, for example?  (I'm assuming that BQ does
> >> what the old RaQ GUI did, and edits the files.)
> >>
> >
> > I did not enter the contents via the GUI. I copy the access file from
> > /etc/mail/access, download it as ASCII, edit it, upload it as ASCII,
> copy
> > it back to /etc/mail/ and run makemap hash access.db < access.
> >
> > -rw-r--r--   1 root  root   915043 Jun  4 10:07 access
> > -rw-r-----   1 smmsp root  2531328 Jun  4 10:07 access.db
> >
> > When running tail -f /var/log/maillog I will see go by:
> > Jun  4 08:46:35 admin sendmail[18758]: ruleset=check_relay,
> > arg1=236-145.chk.adsl.eastport.ru, arg2=82.179.236.145,
> > relay=236-145.chk.adsl.eastport.ru [82.179.236.145], reject=550 5.0.0
> mail
> > from RU no longer accepted
> >
> > Because I have in access:
> > ru[TAB]550 mail from RU no longer accepted
> >
> > But, I also have:
> > ua[TAB]REJECT
> > And just now, spam came through from there:
> > Return-Path: <ybuw (at mark) bouvetcousin.com>
> > Received: from 12-60dabc5bb0af (89.252.2.220.freenet.com.ua
> [89.252.2.220]
> > (may be forged))
> > by sub.example.com (8.13.1/8.13.1) with ESMTP id m54DVAo1018485
> > for <me (at mark) example.com>; Wed, 4 Jun 2008 08:31:12 -0500
> >
> > That should have been rejected by SMTP upon connect from *.ua.
> >
> > It's certainly frustrating. This always worked just fine on the RaQ and
> > editing any other text configuration file offline this way works just 
> > fine.
> >
> > -- 
> > Dan Kriwitsky
> >
> 
> 
> Dan
> 
> What happens  if you try:
> 
> com.ua[TAB]REJECT
> 

I shouldn't need to. I have a reject line for ru the same way and it works
fine. If I did that, I would need every combination of net.ua and whatever
other .ua domains exist.

-- 
Dan Kriwitsky