[milters] Archive

Lists Index Date Thread Search

Article: 1608
From: Christian 'CBE' Benner
Date: 2007-06-04 11:13:26 -0400
Subject: Re: [SPAM]: [Probable Spam] Re: [milters]

Removal...........: milters-request@milter.info?subject=remove
More information..: http://www.milter.info/#Support
--------------------------------------------------------

Sh... happens,
hi Anthony, long time since hearing anything from you :-)

OK that's the reason why I've tried to hide the fqdn.
That's not really the host I'm testing right now. The host is on
intranet

In fact it's better not to have only one MX but there're more than one
on the domains I'm using.
This is only for testing purposes.


The systems "on the net" running=20

220 gateway.apd-hp.de ESMTP Sendmail 8.14.1/8.14.1; Mon, 4 Jun 2007
17:04:13 +0200
=20
:-)))   honeypotted as you can see on the hostname...

I've no glue how to finde out where the problem ist right now (what
maybe has something to do with the last 72hrs without sleepin' ) ...

If I disable MXCallBack   all works fine (even with other milters and
amavisd-new) only the mxcallback fails...


I've forgotten also the important part...(have to sleep now ;-)

Jun  4 12:07:40 gateway milter-sender[2646]: 00002 l54A3DbJ003291:
212.184.206.195 connection failed code=3D421 rc=3D2
Jun  4 12:07:40 gateway milter-sender[2646]: 00002 l54A3DbJ003291: reply
450 4.7.1 MX 10 'mail.benner.biz.' [212.184.206.195] for
<cbe@benner.biz> not answering
Jun  4 12:07:40 gateway milter-sender[2646]: 00002 l54A3DbJ003291:
closing SMTP connection
Jun  4 12:07:40 gateway milter-sender[2646]: socketClose(0) s.fd=3D-1
Jun  4 12:07:40 gateway milter-sender[2646]: 00002 l54A3DbJ003291: exit
mxCallBack() rc=3D4


This looks like that the milter tries to call back the MX @.195   (which
is reachable if I'm telneting on port 25) but can't create a socket=20
But and that's why I'm getting confused only on mxcallbacks....


Maybe I'm to tired to see clearly now ....please help great godfather of
milters :-)))




Seems to be that I've to send you another package of DVDs or whatever
(it's also a long time since the last one reaches you .-))



=20

> -----Original Message-----
> From: milters-bounce@milter.info=20
> [mailto:milters-bounce@milter.info] On Behalf Of Anthony Howe
> Sent: Monday, June 04, 2007 4:36 PM
> To: milters@milter.info
> Subject: [SPAM]: [Probable Spam] [milters] Re: [milters]
>=20
> Removal...........: milters-request@milter.info?subject=3Dremove
> More information..: http://www.milter.info/#Support
> --------------------------------------------------------
>=20
> Christian 'CBE' Benner wrote:
> > (DNS Lookup and Domain are OK !) marked with x   and=20
> domain.tld to hide
> > it :-)
>=20
> That doesn't help diagnose the problem, because there might=20
> be something there that is the cause. Also it prevents me=20
> from testing the host manually.
>=20
> > Jun  4 12:07:10 gateway milter-sender[2646]: 00002 l54A3DbJ003291:=20
> > check MX list, length=3D1
>=20
> Not wise practice to have only one MX for a domain.
>=20
> > Jun  4 12:07:10 gateway milter-sender[2646]: 00002 l54A3DbJ003291:
> > review MX 10 mail.domain.tld. [2xx.1xx.xxx.xxx] Jun  4 12:07:10=20
> > gateway milter-sender[2646]: 00002 l54A3DbJ003291:
> > trying MX 10 'mail.benner.biz.' [2xx.1xx.xxx.xxx] for xxx
>=20
> Never mind. You missed one.
>=20
> achowe@puff$ dig +short mx benner.biz
> 10 mail.benner.biz.
> achowe@puff$ dig +short a mail.benner.biz.
> 212.184.206.195
>=20
> Testing by telnet from my server at home:
>=20
> 220 gateway.apd-hp.de ESMTP Sendmail 8.12.11/8.12.11; Mon, 4=20
> Jun 2007 15:58:10 +0200 quit
> 221 2.0.0 gateway.apd-hp.de closing connection
>=20
> Answers OK, though it reports an old version of sendmail.=20
> We're up to sendmail 8.14.1. Version 8.12.11 as I recall is=20
> about 2 or 3 years old.=20
> Security fixes were supplied during 8.13.7 or .8 (not cause=20
> of the problem but noteworthy concern).
>=20
> > <mailto:xxx@domain.tld>  <mailto:xxx@domain.> @domain.tld Jun  4=20
> > 12:07:10 gateway milter-sender[2646]: 00002 l54A3DbJ003291:
> > opening SMTP connection to 2xx.1xx.xxx.xxx Jun  4 12:07:10 gateway=20
> > milter-sender[2646]: 00002 l54A3DbJ003291:
> > 2xx.1xx.xxx.xxx connection failed code=3D421 rc=3D2
>=20
> Machine gateway.apd-hp.de I am guessing is the same "gateway"=20
> machine running milter-sender reported in this log output.
>=20
> Why are you calling back to yourself? What OS and version of=20
> milter-sender? Your milter-sender.cf would be useful (less comments).
>=20
> My guess, make sure to set -MxCallBackThisHost (default), as=20
> this depends on the interface that the call-back=20
> originates/binds from and might be blocked in some fashion.=20
> Do you have multiple interfaces or IP aliases on this=20
> machine? It is also not efficient to call yourself back.
>=20
> > Jun  4 12:07:40 gateway milter-sender[2646]: 00002 l54A3DbJ003291:
> > retrying server
>=20
> Normal 30 second delay before retry a single MX.
>=20
> > Jun  4 12:07:40 gateway milter-sender[2646]: 00002 l54A3DbJ003291:
> > trying MX 10 'mail.domain.tld.' [2xx.1xx.xxx.xxx] for xxx=20
> > <mailto:xxx@domain.tld>  <mailto:xxx@domain.> @domain.tld Jun  4=20
> > 12:07:40 gateway milter-sender[2646]: 00002 l54A3DbJ003291:
> > opening SMTP connection to 2xx.1xx.xxx.xxx
>=20
> > Jun  4 12:07:40 gateway milter-sender[2646]: 00002 l54A3DbJ003291:
> > 2xx.1xx.xxx.xxx connection failed code=3D421 rc=3D2 Jun  4 12:07:40=20
> > gateway milter-sender[2646]: 00002 l54A3DbJ003291: reply=20
> 450 4.7.1 MX=20
> > 10 'mail.domain.tld.' [2xx.1xx.xxx.xxx] for xxx=20
> > <mailto:xxx@domain.tld>  <mailto:xxx@domain.> @domain.tld not=20
> > answering Jun  4 12:07:40 gateway milter-sender[2646]:=20
> 00002 l54A3DbJ003291:
> > closing SMTP connection
> > Jun  4 12:07:40 gateway milter-sender[2646]: 00002 l54A3DbJ003291:=20
> > exit
> > mxCallBack() rc=3D4
>=20
> The result appears correct, so I can only speculate that the=20
> milter is calling itself back using a different interface=20
> that might be IP filtered or maybe some firewall rule that=20
> tries to filter spoofed IP addresses by disallowing from=20
> 212.184.206.195 to 212.184.206.195.
>=20
> Simple test, sitting on 212.184.206.195 do telnet=20
> 212.184.206.195 25 and see if you can connect to yourself; if=20
> you cannot connect, then you have a IP filter issue IMO.
>=20
> verbose=3Dinfo,trace,dialog tends to be more useful than=20
> verbose=3Dinfo,dns,socket-fd  especially if the server reports=20
> a different welcome banner that might help interpret the reason.
>=20
> --=20
> Anthony C Howe          Skype: SirWumpus                    SnertSoft
> +33 6 11 89 73 78         ICQ: 7116561      Sendmail Milter Solutions
> http://www.snert.com/            
          http://www.snertsoft.com/
>=20
>=20


Lists Index Date Thread Search