Date: Mon, 16 Feb 1998 01:12:09 +0000 From: Brian Somers <brian@Awfulhak.org> To: Mark Turrin <mlt@linkzone.com> Cc: Brian Somers <brian@Awfulhak.org>, freebsd-questions@FreeBSD.ORG Subject: Re: Spam filters Message-ID: <199802160112.BAA21905@awfulhak.org> In-Reply-To: Your message of "Sun, 15 Feb 1998 14:30:35 PST." <Pine.BSF.3.96.980215133639.15762D-100000@argon.linkzone.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> Hello Brian, > > Thanks for responding to my questions. Your information helped but here > are a couple of more. > > On Sun, 15 Feb 1998, Brian Somers wrote: > > > This rule is just for testing. When you run `sendmail -bt', you > > can't type ``$|'' without sendmail separating it on you - you > > therefore can't test the check_relay ruleset. Testing the xlat > > ruleset defeats this problem: > > > > $ sendmail -bt > > > xlat my.domain $| 1.2.3.4 > > ^D > > Oh. OK. Are you saying that the only ruleset to check is xlat? That is, > I don't need to run separate checks on check_relay rule or the check_mail > rule? No. ``xlat'' only runs ``check_relay''. You can run ``check_mail'' directly. > When I run the test I get the following output: > > > xlat 111.org $| 208.211.205.66 > rewrite: ruleset 197 input: 111 . org $| 208 . 211 . 205 . 66 > rewrite: ruleset 199 input: 111 . org $| 208 . 211 . 205 . 66 > rewrite: ruleset 199 returns: $# error $: 521 blocked . contact postmaster > @ dev > Null . com > rewrite: ruleset 197 returns: $# error $: 521 blocked . contact postmaster > @ dev > Null . com Looks ok assuming you've got either 111.org or 208.211.205.66 in your spam files. > > > in the maillog file: > > > > > > Feb 14 12:37:48 argon sendmail[15696]: NOQUEUE: SYSERR(root): > > > host_map_lookup(cyberpromo.com): bogus NULL cache entry, errno = 0, h_errno = 0 > > > > > > What does the "bogus NULL cache entry" mean? > > > > > > Testing with sendmail -bt gives the following results: > > > > > > > check_mail mlt@cyberpromo.com > > > rewrite: ruleset 198 input: mlt @ cyberpromo . com > > > rewrite: ruleset 3 input: mlt @ cyberpromo . com > > > rewrite: ruleset 96 input: mlt < @ cyberpromo . com > > > > host_map_lookup(cyberpromo.com): bogus NULL cache entry, errno = 0, > > > h_errno = 0 > > > rewrite: ruleset 96 returns: mlt < @ cyberpromo . com > > > > rewrite: ruleset 3 returns: mlt < @ cyberpromo . com > > > > rewrite: ruleset 198 returns: $# error $: 521 #blocked . contact > > > postmaster > > > > This *may* be because you haven't got at least two words in your spam > > database. When sendmail executes ``$(Kfilename arg $)'', it replaces > > any found ``arg'' with whatever's on the right hand side in the > > database (and appends any -a stuff from the K line). I've never seen > > this error, so I'm just guessing. > > I used the ftp'd database as downloaded with no changes. THe > domains.txt file is: > > 1-500-FINGERS.COM #blocked. contact postmaster > 1-800-COLLECT.NET #blocked. contact postmaster > 1-GLOBAL.COM #blocked. contact postmaster > 101MAIN.COM #blocked. contact postmaster > > The ips.txt is: > > 38.216.110.200 #blocked. contact postmaster > 151.196.85.76 #blocked. contact postmaster > 151.196.87.64 #blocked. contact postmaster > 199.4.121.9 #blocked. contact postmaster > 199.4.121.93 #blocked. contact postmaster > 204.137.220. #blocked. contact postmaster > 204.137.221. #blocked. contact postmaster > > If I run the check_mail rule I get: > > > check_mail mlt@111.org > rewrite: ruleset 198 input: mlt @ 111 . org > rewrite: ruleset 3 input: mlt @ 111 . org > rewrite: ruleset 96 input: mlt < @ 111 . org > > 111.org: Name server timeout > rewrite: ruleset 96 returns: mlt < @ 111 . org > > rewrite: ruleset 3 returns: mlt < @ 111 . org > > rewrite: ruleset 198 returns: $# error $: 521 #blocked . contact > postmaster > == Ruleset check_mail (198) status 75 > > Do you know what status 75 stands for? It probably means that the DNS timed out :-| For testing, you can try ``check_mail mlt@111.org.'' to force your way through the DNS bit. > > > Get the latest releng_2_2 stuff. It checks the input domain > > recursively so that you can also put hostnames in your spam files. > > But most importantly, it's got some comments at the top of the file > > detailing what can break the rulesets (FEATURE(nocanonify) is the > > most common). > > Is this the stuff in: > ftp://releng22.freebsd.org/pub/FreeBSD/releng22/XF8633/ Probably more like ftp://releng22.freebsd.org/pub/FreeBSD/releng22/src/etc/mail > Thanks, > > ___________________________________________________________________ > Mark L. Turrin mlt@linkzone.com > --- > "Man invented language to satisfy his deep need to complain." > -- Lily Tomlin > > -- Brian <brian@Awfulhak.org>, <brian@FreeBSD.org>, <brian@OpenBSD.org> <http://www.Awfulhak.org>; Don't _EVER_ lose your sense of humour.... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199802160112.BAA21905>