Date: Sun, 15 Feb 1998 14:30:35 -0800 (PST) From: Mark Turrin <mlt@linkzone.com> To: Brian Somers <brian@Awfulhak.org> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Spam filters Message-ID: <Pine.BSF.3.96.980215133639.15762D-100000@argon.linkzone.com> In-Reply-To: <199802151003.KAA10695@awfulhak.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello Brian, Thanks for responding to my questions. Your information helped but here are a couple of more. On Sun, 15 Feb 1998, Brian Somers wrote: > This rule is just for testing. When you run `sendmail -bt', you > can't type ``$|'' without sendmail separating it on you - you > therefore can't test the check_relay ruleset. Testing the xlat > ruleset defeats this problem: > > $ sendmail -bt > > xlat my.domain $| 1.2.3.4 > ^D Oh. OK. Are you saying that the only ruleset to check is xlat? That is, I don't need to run separate checks on check_relay rule or the check_mail rule? When I run the test I get the following output: > xlat 111.org $| 208.211.205.66 rewrite: ruleset 197 input: 111 . org $| 208 . 211 . 205 . 66 rewrite: ruleset 199 input: 111 . org $| 208 . 211 . 205 . 66 rewrite: ruleset 199 returns: $# error $: 521 blocked . contact postmaster @ dev Null . com rewrite: ruleset 197 returns: $# error $: 521 blocked . contact postmaster @ dev Null . com > > in the maillog file: > > > > Feb 14 12:37:48 argon sendmail[15696]: NOQUEUE: SYSERR(root): > > host_map_lookup(cyberpromo.com): bogus NULL cache entry, errno = 0, h_errno = 0 > > > > What does the "bogus NULL cache entry" mean? > > > > Testing with sendmail -bt gives the following results: > > > > > check_mail mlt@cyberpromo.com > > rewrite: ruleset 198 input: mlt @ cyberpromo . com > > rewrite: ruleset 3 input: mlt @ cyberpromo . com > > rewrite: ruleset 96 input: mlt < @ cyberpromo . com > > > host_map_lookup(cyberpromo.com): bogus NULL cache entry, errno = 0, > > h_errno = 0 > > rewrite: ruleset 96 returns: mlt < @ cyberpromo . com > > > rewrite: ruleset 3 returns: mlt < @ cyberpromo . com > > > rewrite: ruleset 198 returns: $# error $: 521 #blocked . contact > > postmaster > > This *may* be because you haven't got at least two words in your spam > database. When sendmail executes ``$(Kfilename arg $)'', it replaces > any found ``arg'' with whatever's on the right hand side in the > database (and appends any -a stuff from the K line). I've never seen > this error, so I'm just guessing. I used the ftp'd database as downloaded with no changes. THe domains.txt file is: 1-500-FINGERS.COM #blocked. contact postmaster 1-800-COLLECT.NET #blocked. contact postmaster 1-GLOBAL.COM #blocked. contact postmaster 101MAIN.COM #blocked. contact postmaster The ips.txt is: 38.216.110.200 #blocked. contact postmaster 151.196.85.76 #blocked. contact postmaster 151.196.87.64 #blocked. contact postmaster 199.4.121.9 #blocked. contact postmaster 199.4.121.93 #blocked. contact postmaster 204.137.220. #blocked. contact postmaster 204.137.221. #blocked. contact postmaster If I run the check_mail rule I get: > check_mail mlt@111.org rewrite: ruleset 198 input: mlt @ 111 . org rewrite: ruleset 3 input: mlt @ 111 . org rewrite: ruleset 96 input: mlt < @ 111 . org > 111.org: Name server timeout rewrite: ruleset 96 returns: mlt < @ 111 . org > rewrite: ruleset 3 returns: mlt < @ 111 . org > rewrite: ruleset 198 returns: $# error $: 521 #blocked . contact postmaster == Ruleset check_mail (198) status 75 Do you know what status 75 stands for? > Get the latest releng_2_2 stuff. It checks the input domain > recursively so that you can also put hostnames in your spam files. > But most importantly, it's got some comments at the top of the file > detailing what can break the rulesets (FEATURE(nocanonify) is the > most common). Is this the stuff in: ftp://releng22.freebsd.org/pub/FreeBSD/releng22/XF8633/ Thanks, ___________________________________________________________________ Mark L. Turrin mlt@linkzone.com --- "Man invented language to satisfy his deep need to complain." -- Lily Tomlin To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980215133639.15762D-100000>