[milters] Archive

Lists Index Date Thread Search

Article: 1264
From: Quentin Campbell
Date: 2006-11-16 10:02:48 -0500
Subject: Re: Milter-link whitelisting per recipient problem - debug info & access file included

Removal...........: milters-request@milter.info?subject=remove
More information..: http://www.milter.info/#Support
--------------------------------------------------------

>-----Original Message-----
>From: milters-bounce@milter.info 
>[mailto:milters-bounce@milter.info] On Behalf Of Anthony Howe
>Sent: 15 November 2006 14:38
>To: milters@milter.info
>Subject: [milters] Re: Milter-link whitelisting per recipient 
>problem - debug info & access file included
>
>Removal...........: milters-request@milter.info?subject=remove
>More information..: http://www.milter.info/#Support
>--------------------------------------------------------
>
>Quentin Campbell wrote:
>> Nov 15 09:05:03 cheviot51 milter-link[14377]: 05257 kAF94pQO016299:
>> filterRcpt(b3701798, 88795a8)
RCPT='<barbara.tully@northumbria.ac.uk>'
>
>Where are the access.db lookups for <barbara.tully@northumbria.ac.uk>? 
>From further below it seemed that you had verbose=info,trace,db  There 
>is A LOT more access.db related output for the connection, MAIL, and 
>RCPT that doesn't appear here. These additional lookups should show 
>whether it finds the Spam:barbara.tully@northumbria.ac.uk FRIEND entry 
>or not.
>

This is a busy mail gateway with records being interleaved but I believe
that the log extracts I provided in my original posting are complete for
the message in question. I was using 'verbose=info,trace,db" and in
/etc/mail/sendmail.cf I have:

...
O LogLevel=9
...
O Milter.LogLevel=9 
...

As a check I have used 'grep' on the whole 24 hours worth log entries.
This will show you any 'access.db' records that might be missing. 

Looking for 'tully' and 'access':

[root@cheviot51 log]# grep tully x.maillog.0 | grep access
Nov 15 07:36:24 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "milter-link-to:barbara.tully@unn.ac.uk"
Nov 15 08:30:46 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "milter-link-to:barbara.tully@unn.ac.uk"
Nov 15 08:36:42 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "milter-link-to:barbara.tully@unn.ac.uk"
Nov 15 08:36:43 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for
"milter-link-to:barbara.tully@northumbria.ac.uk"
Nov 15 08:47:34 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "milter-link-to:barbara.tully@unn.ac.uk"
Nov 15 08:54:38 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "milter-link-to:barbara.tully@unn.ac.uk"
Nov 15 08:55:25 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for
"milter-link-to:barbara.tully@northumbria.ac.uk"
Nov 15 08:55:47 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "milter-link-to:barbara.tully@unn.ac.uk"
Nov 15 09:05:03 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for
"milter-link-to:barbara.tully@northumbria.ac.uk"

Looking for 'tully' and 'milter-link':

[root@cheviot51 log]# grep tully x.maillog.0 | grep milter-link
Nov 15 07:36:24 cheviot51 milter-link[14377]: 00045 kAF7aJLR014692:
filterRcpt(8865fa0, 88697a8) RCPT='<barbara.tully@unn.ac.uk>'
Nov 15 07:36:24 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "milter-link-to:barbara.tully@unn.ac.uk"
Nov 15 07:36:24 cheviot51 milter-link[14377]: 00045 kAF7aJLR014692:
"barbara.tully@unn.ac.uk" default action SKIP
Nov 15 08:30:46 cheviot51 milter-link[14377]: 03094 kAF8UeJc001773:
filterRcpt(b37010f8, b37010d8) RCPT='<barbara.tully@unn.ac.uk>'
Nov 15 08:30:46 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "milter-link-to:barbara.tully@unn.ac.uk"
Nov 15 08:30:46 cheviot51 milter-link[14377]: 03094 kAF8UeJc001773:
"barbara.tully@unn.ac.uk" default action SKIP
Nov 15 08:30:48 cheviot51 milter-link[14377]: 03094 kAF8UeJc001773:
filterHeader(b37010f8, 'To', '<barbara.tully@unn.a...')
Nov 15 08:36:42 cheviot51 milter-link[14377]: 03502 kAF8aaQg004441:
filterRcpt(b3700f98, 886a320) RCPT='<barbara.tully@unn.ac.uk>'
Nov 15 08:36:42 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "milter-link-to:barbara.tully@unn.ac.uk"
Nov 15 08:36:42 cheviot51 milter-link[14377]: 03502 kAF8aaQg004441:
"barbara.tully@unn.ac.uk" default action SKIP
Nov 15 08:36:43 cheviot51 milter-link[14377]: 03500 kAF8aZao004435:
filterRcpt(b3700918, 88669c8) RCPT='<barbara.tully@northumbria.ac.uk>'
Nov 15 08:36:43 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for
"milter-link-to:barbara.tully@northumbria.ac.uk"
Nov 15 08:36:43 cheviot51 milter-link[14377]: 03500 kAF8aZao004435:
"barbara.tully@northumbria.ac.uk" default action SKIP
Nov 15 08:36:44 cheviot51 milter-link[14377]: 03502 kAF8aaQg004441:
filterHeader(b3700f98, 'To', 'barbara.tully@unn.ac...')
Nov 15 08:36:44 cheviot51 milter-link[14377]: 03500 kAF8aZao004435:
filterHeader(b3700918, 'To', 'barbara.tully@northu...')
Nov 15 08:47:34 cheviot51 milter-link[14377]: 04119 kAF8lQtx008548:
filterRcpt(b3700790, 88666a0) RCPT='<barbara.tully@unn.ac.uk>'
Nov 15 08:47:34 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "milter-link-to:barbara.tully@unn.ac.uk"
Nov 15 08:47:34 cheviot51 milter-link[14377]: 04119 kAF8lQtx008548:
"barbara.tully@unn.ac.uk" default action SKIP
Nov 15 08:47:53 cheviot51 milter-link[14377]: 04119 kAF8lQtx008548:
filterHeader(b3700790, 'To', 'barbara.tully@unn.ac...')
Nov 15 08:54:38 cheviot51 milter-link[14377]: 04573 kAF8riQb011523:
filterRcpt(b3701b80, 8878de8) RCPT='<barbara.tully@unn.ac.uk>'
Nov 15 08:54:38 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "milter-link-to:barbara.tully@unn.ac.uk"
Nov 15 08:54:38 cheviot51 milter-link[14377]: 04573 kAF8riQb011523:
"barbara.tully@unn.ac.uk" default action SKIP
Nov 15 08:55:25 cheviot51 milter-link[14377]: 04649 kAF8t66e012090:
filterRcpt(b3700f98, 886ac58) RCPT='<barbara.tully@northumbria.ac.uk>'
Nov 15 08:55:25 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for
"milter-link-to:barbara.tully@northumbria.ac.uk"
Nov 15 08:55:25 cheviot51 milter-link[14377]: 04649 kAF8t66e012090:
"barbara.tully@northumbria.ac.uk" default action SKIP
Nov 15 08:55:47 cheviot51 milter-link[14377]: 04685 kAF8teio012300:
filterRcpt(b3701228, 8864b60) RCPT='<barbara.tully@unn.ac.uk>'
Nov 15 08:55:47 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "milter-link-to:barbara.tully@unn.ac.uk"
Nov 15 08:55:47 cheviot51 milter-link[14377]: 04685 kAF8teio012300:
"barbara.tully@unn.ac.uk" default action SKIP
Nov 15 08:55:48 cheviot51 milter-link[14377]: 04685 kAF8teio012300:
filterHeader(b3701228, 'To', '"Barbara.tully" <bar...')
Nov 15 09:04:49 cheviot51 milter-link[14377]: 04573 kAF8riQb011523:
filterHeader(b3701b80, 'To', 'barbara.tully@unn.ac...')
Nov 15 09:05:03 cheviot51 milter-link[14377]: 05257 kAF94pQO016299:
filterRcpt(b3701798, 88795a8) RCPT='<barbara.tully@northumbria.ac.uk>'
Nov 15 09:05:03 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for
"milter-link-to:barbara.tully@northumbria.ac.uk"
Nov 15 09:05:03 cheviot51 milter-link[14377]: 05257 kAF94pQO016299:
"barbara.tully@northumbria.ac.uk" default action SKIP
Nov 15 09:07:12 cheviot51 milter-link[14377]: 04649 kAF8t66e012090:
filterHeader(b3700f98, 'To', 'barbara.tully@northu...')


Looking for 'spam:' and 'access':

[ edited earlier records ]
Nov 15 08:50:57 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:virus.scanner@newcastle.ac.uk"
Nov 15 08:50:57 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:newcastle.ac.uk"
Nov 15 08:50:57 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:ac.uk"
Nov 15 08:50:57 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:uk"
Nov 15 08:50:57 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:virus.scanner@"
Nov 15 08:52:11 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:nphtest@burnmoor.ncl.ac.uk"
Nov 15 08:52:11 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:burnmoor.ncl.ac.uk"
Nov 15 08:52:11 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:ncl.ac.uk"
Nov 15 08:52:11 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:ac.uk"
Nov 15 08:52:11 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:uk"
Nov 15 08:52:11 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:nphtest@"
Nov 15 08:55:09 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:nphtest@burnmoor.ncl.ac.uk"
Nov 15 08:55:09 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:burnmoor.ncl.ac.uk"
Nov 15 08:55:09 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:ncl.ac.uk"
Nov 15 08:55:09 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:ac.uk"
Nov 15 08:55:09 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:uk"
Nov 15 08:55:09 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:nphtest@"
Nov 15 08:58:12 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:nphtest@burnmoor.ncl.ac.uk"
Nov 15 08:58:12 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:burnmoor.ncl.ac.uk"
Nov 15 08:58:12 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:ncl.ac.uk"
Nov 15 08:58:12 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:ac.uk"
Nov 15 08:58:12 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:uk"
Nov 15 08:58:12 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:nphtest@"
Nov 15 08:59:31 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:gratkinson@northumberland.gov.uk"
Nov 15 08:59:31 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:northumberland.gov.uk"
Nov 15 08:59:31 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:gov.uk"
Nov 15 08:59:31 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:uk"
Nov 15 08:59:31 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:gratkinson@"
Nov 15 08:59:32 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:virus.scanner@newcastle.ac.uk"
Nov 15 08:59:32 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:newcastle.ac.uk"
Nov 15 08:59:32 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:ac.uk"
Nov 15 08:59:32 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:uk"
Nov 15 08:59:32 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:virus.scanner@"
Nov 15 09:01:14 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:nphtest@burnmoor.ncl.ac.uk"
Nov 15 09:01:14 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:burnmoor.ncl.ac.uk"
Nov 15 09:01:14 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:ncl.ac.uk"
Nov 15 09:01:14 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:ac.uk"
Nov 15 09:01:14 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:uk"
Nov 15 09:01:14 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:nphtest@"
Nov 15 09:04:13 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:nphtest@burnmoor.ncl.ac.uk"
Nov 15 09:04:13 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:burnmoor.ncl.ac.uk"
Nov 15 09:04:13 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:ncl.ac.uk"
Nov 15 09:04:13 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:ac.uk"
Nov 15 09:04:13 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:uk"
Nov 15 09:04:13 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:nphtest@"
Nov 15 09:07:11 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:nphtest@burnmoor.ncl.ac.uk"
Nov 15 09:07:11 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:burnmoor.ncl.ac.uk"
Nov 15 09:07:11 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:ncl.ac.uk"
Nov 15 09:07:11 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:ac.uk"
Nov 15 09:07:11 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:uk"
Nov 15 09:07:11 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:nphtest@"
Nov 15 09:10:08 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:nphtest@burnmoor.ncl.ac.uk"
Nov 15 09:10:08 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:burnmoor.ncl.ac.uk"
Nov 15 09:10:08 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:ncl.ac.uk"
Nov 15 09:10:08 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:ac.uk"
Nov 15 09:10:08 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:uk"
Nov 15 09:10:08 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:nphtest@"
Nov 15 09:12:01 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:virus.scanner@newcastle.ac.uk"
Nov 15 09:12:01 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:newcastle.ac.uk"
Nov 15 09:12:01 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:ac.uk"
Nov 15 09:12:01 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:uk"
Nov 15 09:12:01 cheviot51 milter-link[14377]: checking
"/etc/mail/access.db" for "spam:virus.scanner@"

[ I reverted back to 'verbose=info' at about 09:12 when I had captured
all I thought I needed. ]

There are no "FRIEND" records in that log.

I hope this provides the info you believe is missing.

Quentin 


Lists Index Date Thread Search