From owner-freebsd-bugs@FreeBSD.ORG Sat Jun 16 12:40:09 2007 Return-Path: X-Original-To: freebsd-bugs@hub.freebsd.org Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id AED6B16A400 for ; Sat, 16 Jun 2007 12:40:09 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [69.147.83.40]) by mx1.freebsd.org (Postfix) with ESMTP id 4076113C447 for ; Sat, 16 Jun 2007 12:40:09 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id l5GCe9XR071797 for ; Sat, 16 Jun 2007 12:40:09 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id l5GCe94r071796; Sat, 16 Jun 2007 12:40:09 GMT (envelope-from gnats) Date: Sat, 16 Jun 2007 12:40:09 GMT Message-Id: <200706161240.l5GCe94r071796@freefall.freebsd.org> To: freebsd-bugs@FreeBSD.org From: "Rusty Nejdl" X-Mailman-Approved-At: Sat, 16 Jun 2007 12:58:22 +0000 Cc: Subject: Re: conf/76626: [patch] 460.status-mail-rejects shows destination domain instead of source IP X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Rusty Nejdl List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 16 Jun 2007 12:40:09 -0000 The following reply was made to PR conf/76626; it has been noted by GNATS. From: "Rusty Nejdl" To: "Gregory Shapiro" Cc: bug-followup@freebsd.org, rnejdl@ringofsaturn.com Subject: Re: conf/76626: [patch] 460.status-mail-rejects shows destination domain instead of source IP Date: Sat, 16 Jun 2007 07:01:19 -0500 (CDT) Gregory, Well, to me, since most of the time when I am rejecting emails, the sender email address is spoofed. I am definitely more interested in knowing what ISP's are spamming me most. [tethys]:/home/rnejdl> /etc/periodic/daily/460.status-mail-rejects Checking for rejected mail hosts: 289 TOTAL 4 [208.97.234.204] 3 thisistoyou.com [208.66.235.120] 3 dropspecials.com [69.30.230.84] 3 [203.156.49.110] 2 mx1.gatetowinner.com [64.71.164.137] 2 hn.kd.dhcp [61.52.201.38] (may be forged) 2 chhor.brillianticon.com [70.42.184.61] So, when I blocked 208.97.234.204, I managed to block 4 spams from that IP in the last 24 hours. To be honest, the display as it is shown below is of no use to me. It would be great if we could have a way to configure it to show the field that you wanted displayed. Sincerely, Rusty Nejdl Gregory Shapiro wrote: > Your patch assumes that only the relay= is of interest in the list. > However, in my opinion, the address you are rejecting is more interesting > in most cases. For example, from my own logs: > > i un 14 00:01:32 gir sm-mta[9280]: l5E71S9N009280: ruleset=check_mail, > arg1=, > relay=ip-51.net-82-216-27.versailles2.rev.numericable.fr [82.216.27.51], > reject=451 4.1.8 Domain of sender address tzdelhi@netbizmoms.com does not > resolve > > Jun 14 00:05:17 gir sm-mta[9349]: l5E75ErZ009349: ruleset=check_rcpt, > arg1=, relay=ful.cnchost.com [297.157.49.28], > reject=400 4.0.0 Temporary failure > > Jun 14 00:12:13 gir sm-mta[9552]: l5E7C812009552: ruleset=check_mail, > arg1=, > relay=dsl081-247-036.sfo1.dsl.speakeasy.net [64.81.247.36], reject=450 > 4.1.2 ... MX lookup failure for > wonfuproductions.com > > In all three cases, I'm more interested in the address that was rejected > instead of the host sending that mail. >