From owner-freebsd-questions Sun Feb 15 17:22:01 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id RAA00262 for freebsd-questions-outgoing; Sun, 15 Feb 1998 17:22:01 -0800 (PST) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from awfulhak.org (awfulhak.demon.co.uk [158.152.17.1]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id RAA29954 for ; Sun, 15 Feb 1998 17:20:13 -0800 (PST) (envelope-from brian@Awfulhak.org) Received: from gate.lan.awfulhak.org (localhost [127.0.0.1]) by awfulhak.org (8.8.7/8.8.7) with ESMTP id BAA21905; Mon, 16 Feb 1998 01:12:10 GMT (envelope-from brian@gate.lan.awfulhak.org) Message-Id: <199802160112.BAA21905@awfulhak.org> X-Mailer: exmh version 2.0.1 12/23/97 To: Mark Turrin cc: Brian Somers , freebsd-questions@FreeBSD.ORG Subject: Re: Spam filters In-reply-to: Your message of "Sun, 15 Feb 1998 14:30:35 PST." Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Mon, 16 Feb 1998 01:12:09 +0000 From: Brian Somers Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > Hello Brian, > > Thanks for responding to my questions. Your information helped but here > are a couple of more. > > On Sun, 15 Feb 1998, Brian Somers wrote: > > > This rule is just for testing. When you run `sendmail -bt', you > > can't type ``$|'' without sendmail separating it on you - you > > therefore can't test the check_relay ruleset. Testing the xlat > > ruleset defeats this problem: > > > > $ sendmail -bt > > > xlat my.domain $| 1.2.3.4 > > ^D > > Oh. OK. Are you saying that the only ruleset to check is xlat? That is, > I don't need to run separate checks on check_relay rule or the check_mail > rule? No. ``xlat'' only runs ``check_relay''. You can run ``check_mail'' directly. > When I run the test I get the following output: > > > xlat 111.org $| 208.211.205.66 > rewrite: ruleset 197 input: 111 . org $| 208 . 211 . 205 . 66 > rewrite: ruleset 199 input: 111 . org $| 208 . 211 . 205 . 66 > rewrite: ruleset 199 returns: $# error $: 521 blocked . contact postmaster > @ dev > Null . com > rewrite: ruleset 197 returns: $# error $: 521 blocked . contact postmaster > @ dev > Null . com Looks ok assuming you've got either 111.org or 208.211.205.66 in your spam files. > > > in the maillog file: > > > > > > Feb 14 12:37:48 argon sendmail[15696]: NOQUEUE: SYSERR(root): > > > host_map_lookup(cyberpromo.com): bogus NULL cache entry, errno = 0, h_errno = 0 > > > > > > What does the "bogus NULL cache entry" mean? > > > > > > Testing with sendmail -bt gives the following results: > > > > > > > check_mail mlt@cyberpromo.com > > > rewrite: ruleset 198 input: mlt @ cyberpromo . com > > > rewrite: ruleset 3 input: mlt @ cyberpromo . com > > > rewrite: ruleset 96 input: mlt < @ cyberpromo . com > > > > host_map_lookup(cyberpromo.com): bogus NULL cache entry, errno = 0, > > > h_errno = 0 > > > rewrite: ruleset 96 returns: mlt < @ cyberpromo . com > > > > rewrite: ruleset 3 returns: mlt < @ cyberpromo . com > > > > rewrite: ruleset 198 returns: $# error $: 521 #blocked . contact > > > postmaster > > > > This *may* be because you haven't got at least two words in your spam > > database. When sendmail executes ``$(Kfilename arg $)'', it replaces > > any found ``arg'' with whatever's on the right hand side in the > > database (and appends any -a stuff from the K line). I've never seen > > this error, so I'm just guessing. > > I used the ftp'd database as downloaded with no changes. THe > domains.txt file is: > > 1-500-FINGERS.COM #blocked. contact postmaster > 1-800-COLLECT.NET #blocked. contact postmaster > 1-GLOBAL.COM #blocked. contact postmaster > 101MAIN.COM #blocked. contact postmaster > > The ips.txt is: > > 38.216.110.200 #blocked. contact postmaster > 151.196.85.76 #blocked. contact postmaster > 151.196.87.64 #blocked. contact postmaster > 199.4.121.9 #blocked. contact postmaster > 199.4.121.93 #blocked. contact postmaster > 204.137.220. #blocked. contact postmaster > 204.137.221. #blocked. contact postmaster > > If I run the check_mail rule I get: > > > check_mail mlt@111.org > rewrite: ruleset 198 input: mlt @ 111 . org > rewrite: ruleset 3 input: mlt @ 111 . org > rewrite: ruleset 96 input: mlt < @ 111 . org > > 111.org: Name server timeout > rewrite: ruleset 96 returns: mlt < @ 111 . org > > rewrite: ruleset 3 returns: mlt < @ 111 . org > > rewrite: ruleset 198 returns: $# error $: 521 #blocked . contact > postmaster > == Ruleset check_mail (198) status 75 > > Do you know what status 75 stands for? It probably means that the DNS timed out :-| For testing, you can try ``check_mail mlt@111.org.'' to force your way through the DNS bit. > > > Get the latest releng_2_2 stuff. It checks the input domain > > recursively so that you can also put hostnames in your spam files. > > But most importantly, it's got some comments at the top of the file > > detailing what can break the rulesets (FEATURE(nocanonify) is the > > most common). > > Is this the stuff in: > ftp://releng22.freebsd.org/pub/FreeBSD/releng22/XF8633/ Probably more like ftp://releng22.freebsd.org/pub/FreeBSD/releng22/src/etc/mail > Thanks, > > ___________________________________________________________________ > Mark L. Turrin mlt@linkzone.com > --- > "Man invented language to satisfy his deep need to complain." > -- Lily Tomlin > > -- Brian , , Don't _EVER_ lose your sense of humour.... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message