Re: Problem with Black List

From: Sasa (sasashoponweb.it)
Date: Fri May 09 2008 - 15:39:01 CDT


Hi, so if I have understood correctly this resolution isn't good:

[rootmail ~]# dig 157.15.174.81.cbl.abuset.org
; <<>> DiG 9.3.2 <<>> 157.15.174.81.cbl.abuset.org
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6185
;; flags: qr; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;157.15.174.81.cbl.abuset.org. IN A
;; ANSWER SECTION:
157.15.174.81.cbl.abuset.org. 0 IN A 212.48.8.140
;; Query time: 4184 msec
;; SERVER: 192.168.0.10#53(192.168.0.10)
;; WHEN: Fri May 9 21:41:56 2008
;; MSG SIZE rcvd: 62

..and this resolution is ok:

[rootmail ~]# dig 157.15.174.81.cbl.abuset.org
; <<>> DiG 9.3.2 <<>> 157.15.174.81.cbl.abuset.org
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3438
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;157.15.174.81.cbl.abuset.org. IN A
;; AUTHORITY SECTION:
org. 0 IN SOA a0.org.afilias-nst.info.
noc.afilias-nst.info. 2008158132 1800 900 604800 86400
;; Query time: 89 msec
;; SERVER: 213.140.2.49#53(213.140.2.49)
;; WHEN: Fri May 9 22:28:16 2008
;; MSG SIZE rcvd: 109

..is my interpretation correct?
Thanks.

------

   Salvatore.

----- Original Message -----
From: "Bill Cole" <postfixlists-070913billmail.scconsult.com>
To: <postfix-userspostfix.org>
Sent: Thursday, May 08, 2008 10:01 PM
Subject: Re: Problem with Black List

> At 9:00 PM +0200 5/8/08, Sasa wrote:
>>Hi, unfortunately also for domain.it I am the postmaster !
>>Thanks.
>>
>>------
>>
>> Salvatore.
>
> I think there may be some confusion grounded in the odd domain names,
> which people may have assumed to be "munged" from their real names. Since
> the MX for domain.it resolves to the same set of addresses as the A for
> mx.test.it, I'm assuming that you haven't munged the domains and are
> telling the truth.
>
> As postmasterdomain.it, you should have access to all the hosts that act
> as mail.test.it, as they are your mail exchangers. On whichever of those
> machines actually rejected mail because of a bogus CBL hit, you should run
> this command to look up the problem address in the CBL:
>
> dig 157.15.174.81.cbl.abuseat.org
>
> You should get a response something like this:
>
>
> ; <<>> DiG 9.3.4 <<>> 157.15.174.81.cbl.abuseat.org
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20251
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;157.15.174.81.cbl.abuseat.org. IN A
>
> ;; AUTHORITY SECTION:
> cbl.abuseat.org. 1200 IN SOA ns1-cbl.abuseat.org.
> cbl.cbl.abuseat.org. 1210274309 3600 600 432000 1200
>
> ;; Query time: 34 msec
> ;; SERVER: 127.0.0.1#53(127.0.0.1)
> ;; WHEN: Thu May 8 15:29:09 2008
> ;; MSG SIZE rcvd: 95
>
> If you get an answer that does not have NXDOMAIN in the HEADER line and
> has an ANSWER SECTION that includes A records showing something other than
> 127.0.0.2 as the result, you are using a broken DNS server.
>
> You may be able to fix your problem while still using a broken DNS server
> by specifying a result in your reject_rbl_client setting:
>
> reject_rbl_client cbl.abuseat.org=127.0.0.2
>
> Anyone using a DNS resolver that they do not control or not paying very
> close attention to the status of the DNSBLs they use should be specifying
> results that way. Arguably, the default of treating any result in a DNSBL
> lookup as a hit is a bug. ISP resolvers have increasingly been returning
> bogus A records in place of NXDOMAIN in order to funnel web surfers to
> their own advertising pages, and DNSBL zones can end up with wildcards
> pointing to domain-vulture webservers, so taking any result as a hit is
> dangerous.
>
>
>
>
>>----- Original Message ----- From: "Arne Hoffmann"
>><arnefish.in-berlin.de>
>>To: <postfix-userspostfix.org>
>>Sent: Thursday, May 08, 2008 7:46 PM
>>Subject: Re: Problem with Black List
>>
>>>Sasa wrote:
>>>
>>>>Final-Recipient: rfc822; testdomain.it
>>>>Original-Recipient: rfc822;testdomain.it
>>>>Action: failed
>>>>Status: 5.7.1
>>>>Remote-MTA: dns; mail.test.it
>>>>Diagnostic-Code: smtp; 554 5.7.1 Service unavailable; Client host
>>>> [81.174.15.157] blocked using cbl.abuseat.org
>>>
>>>Write a mail to postmasterdomain.it and ask them to fix the problem.
>
>
> --
> Bill Cole billscconsult.com
>
>
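The check described in the reply above, written out as an added example that is not part of the original thread: it parses dig output and compares "any A record is a hit" with matching only 127.0.0.2, as in reject_rbl_client cbl.abuseat.org=127.0.0.2. The function names and the trimmed dig samples are constructed for illustration.

```python
import ipaddress
import re

def dnsbl_name(ip: str, zone: str) -> str:
    """Build the DNSBL query name: reversed IPv4 octets followed by the zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def parse_dig(output: str):
    """Return (status, [A record addresses in the ANSWER SECTION]) from dig text."""
    m = re.search(r"status:\s*(\w+)", output)
    status = m.group(1) if m else None
    addrs, in_answer = [], False
    for line in output.splitlines():
        line = line.strip()
        if line.startswith(";;"):          # section headers and dig metadata
            in_answer = line.startswith(";; ANSWER SECTION")
            continue
        fields = line.split()
        if in_answer and len(fields) >= 5 and fields[-2] == "A":
            addrs.append(fields[-1])
    return status, addrs

def classify(output: str, expected: str = "127.0.0.2"):
    """Return (verdict, hit if any answer counts, hit if only `expected` counts)."""
    status, addrs = parse_dig(output)
    any_answer_hit = bool(addrs)        # bare "reject_rbl_client zone"
    filtered_hit = expected in addrs    # "reject_rbl_client zone=127.0.0.2"
    if status == "NXDOMAIN" or not addrs:
        verdict = "not listed"
    elif filtered_hit:
        verdict = "listed"
    else:
        verdict = "bogus answer (rewritten NXDOMAIN or wildcard)"
    return verdict, any_answer_hit, filtered_hit

# Constructed samples, trimmed to the shape of the dig output in the thread.
NAME = dnsbl_name("81.174.15.157", "cbl.abuseat.org")
REWRITTEN = f""";; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6185
;; ANSWER SECTION:
{NAME}. 0 IN A 212.48.8.140
"""
NOT_LISTED = """;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20251
;; AUTHORITY SECTION:
cbl.abuseat.org. 1200 IN SOA ns1-cbl.abuseat.org. cbl.cbl.abuseat.org. 1210274309 3600 600 432000 1200
"""
LISTED = REWRITTEN.replace("212.48.8.140", "127.0.0.2")
```

For the REWRITTEN sample the unfiltered rule reports a hit while the filtered rule does not, which is the false rejection discussed in the thread.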