----- Original Message -----
From: "Dan Kriwitsky" <webhosting (at mark) yahoo.com>
To: <coba-e (at mark) bluequartz.org>
Sent: Wednesday, June 04, 2008 4:02 PM
Subject: [coba-e:13160] Re: Another Strange Sendmail Error
>
> --- Richard Siddall <cobalt (at mark) elirion.net> wrote:
>
>> Dan Kriwitsky wrote:
>> > I did not enter the contents via the GUI. I copy the access file from
>> > /etc/mail/access, download it as ASCII, edit it, upload it as ASCII,
>> copy
>> > it back to /etc/mail/ and run makemap hash access.db < access.
>> >
>>
>> I was suggesting editing it via the GUI just to confirm that it's the
>> file sendmail is using. (I'm assuming the BQ GUI will edit the right
>> file.)
>>
>> > -rw-r--r-- 1 root root 915043 Jun 4 10:07 access
>> > -rw-r----- 1 smmsp root 2531328 Jun 4 10:07 access.db
>> >
>>
>> That pretty much confirms it's the right file, since sendmail is
>> updating its access.db from it.
>>
>> > When running tail -f /var/log/maillog I will see go by:
>> > Jun 4 08:46:35 admin sendmail[18758]: ruleset=check_relay,
>> > arg1=236-145.chk.adsl.eastport.ru, arg2=82.179.236.145,
>> > relay=236-145.chk.adsl.eastport.ru [82.179.236.145], reject=550 5.0.0
>> mail
>> > from RU no longer accepted
>> >
>> > Because I have in access:
>> > ru[TAB]550 mail from RU no longer accepted
>> >
>> > But, I also have:
>> > ua[TAB]REJECT
>> > And just now, spam came through from there:
>> > Return-Path: <ybuw (at mark) bouvetcousin.com>
>> > Received: from 12-60dabc5bb0af (89.252.2.220.freenet.com.ua
>> [89.252.2.220]
>> > (may be forged))
>> > by sub.example.com (8.13.1/8.13.1) with ESMTP id m54DVAo1018485
>> > for <me (at mark) example.com>; Wed, 4 Jun 2008 08:31:12 -0500
>> >
>> > That should have been rejected by SMTP upon connect from *.ua.
>> >
>>
>> Is there anything in the access file between those two lines that might
>> cause makemap to give up on the file?
>
> Nothing.
>
>>
>> Is there anything at the end of the "ua" line - unprintable characters?
>> (I'm grasping at straws here.)
>
> Nothing I can see or highlight. Just a standard line return at the end of
> each line.
> I rewrote the line below it and deleted the previous to see.
>
>>
>> > It's certainly frustrating. This always worked just fine on the RaQ and
>> > editing any other text configuration file offline this way works just
>> fine.
>> >
>>
>> If it was easy to dump the .db file and I was sitting at the machine,
>> I'd probably browse through the dump to see if that revealed any clues.
>>
>
> With 36,000 lines that is a task. On my old underpowered RaQ4 this never
> happened, so the size of the file shouldn't be an issue.
>
> I have done a rebuild of sendmail.cf doing:
> make clean
> make
> Then restarted sendmail.
>
> Still nothing rejected by zen.spamhaus.org while on the RaQ such
> rejections
> were fairly frequent.
>
> --
> Dan Kriwitsky
>
Dan
On my bq servers it is working using:
# DNS based IP address spam list zen.spamhaus.org
R$* $: $&{client_addr}
R::ffff:$-.$-.$-.$- $: <?> $(host $4.$3.$2.$1.zen.spamhaus.org. $: OK $)
R$-.$-.$-.$- $: <?> $(host $4.$3.$2.$1.zen.spamhaus.org. $: OK $)
R<?>OK $: OKSOFAR
R<?>$+ $#error $ (at mark) 5.7.1 $: "Spam blocked see:
http://www.spamhaus.org/query/bl?ip="$&{client_addr}
######################################################################
### check_mail -- check SMTP `MAIL FROM:' command argument
######################################################################
I assume if you do too many lookups on the zen that it will stop you from
using it on a non-paid basis.
That's why I put it after the 3 entries below:
# DNS based IP address spam list cbl.abuseat.org
R$* $: $&{client_addr}
R::ffff:$-.$-.$-.$- $: <?> $(host $4.$3.$2.$1.cbl.abuseat.org. $: OK $)
R$-.$-.$-.$- $: <?> $(host $4.$3.$2.$1.cbl.abuseat.org. $: OK $)
R<?>OK $: OKSOFAR
R<?>$+ $#error $ (at mark) 5.7.1 $: "Spam blocked see:
http://cbl.abuseat.org/lookup.cgi?ip="$&{client_addr}
# DNS based IP address spam list combined.njabl.org
R$* $: $&{client_addr}
R::ffff:$-.$-.$-.$- $: <?> $(host
$4.$3.$2.$1.combined.njabl.org. $: OK $)
R$-.$-.$-.$- $: <?> $(host $4.$3.$2.$1.combined.njabl.org. $: OK
$)
R<?>OK $: OKSOFAR
R<?>$+ $#error $ (at mark) 5.7.1 $: "Spam blocked see:
http://njabl.org/cgi-bin/lookup.cgi?query="$&{client_addr}
# DNS based IP address spam list bhnc.njabl.org
R$* $: $&{client_addr}
R::ffff:$-.$-.$-.$- $: <?> $(host $4.$3.$2.$1.bhnc.njabl.org. $:
OK $)
R$-.$-.$-.$- $: <?> $(host $4.$3.$2.$1.bhnc.njabl.org. $: OK $)
R<?>OK $: OKSOFAR
R<?>$+ $#error $ (at mark) 5.7.1 $: "Spam blocked see:
http://njabl.org/cgi-bin/lookup.cgi?query="$&{client_addr}
----
Ken Marcus
Ecommerce Web Hosting by
Precision Web Hosting, Inc.
http://www.precisionweb.net