Re: [Exim] testing rbl style zones

Góra strony
Delete this message
Reply to this message
Autor: Richard Welty
Data:  
Dla: exim-users
Temat: Re: [Exim] testing rbl style zones
On Sun, 18 Nov 2001 20:54:23 +0000 (GMT), philip wrote:

>On Sun, 18 Nov 2001, Richard Welty wrote:
>
>> 158.198.23.216.kbl.krusty-motorsports.com. 86400 IN A 127.0.0.2
>> 158.198.23.216.kbl.krusty-motorsports.com. 86400 IN TXT "Mail from
>> 216.23.198.128/25 blocked - See
>> http://www.krusty-motorsports.com/blocked.html"
>>
>> there's no evidence in rejectlog or mainlog of my lookups being done,
>> and a spam from 216.23.198.158 leaked through last night. how do i
>> debug this?
>
>Try exim -bh 216.23.198.158 and play the part of an SMTP client if
>necessary.


this command produces the following pertaining to testing
kbl.krusty-motorsports.com:

# exim -bh 216.23.198.158

**** SMTP testing session as if from host 216.23.198.158
**** Not for real!

>>> host in host_lookup? no (option unset)
>>> host in host_reject? no (option unset)
>>> host in host_reject_recipients? no (option unset)
>>> host in rbl_hosts? yes (*)
>>> checking RBL domain kbl.krusty-motorsports.com
>>> RBL lookup for 158.198.23.216.kbl.krusty-motorsports.com failed
>>> => that means it's not black listed at kbl.krusty-motorsports.com


when i immediately afterwards issued the following:

# dig @kbl.krusty-motorsports.com
158.198.23.216.kbl.krusty-motorsports.com in any

i get the following answer section:

;; ANSWER SECTION:
158.198.23.216.kbl.krusty-motorsports.com. 86400 IN A 127.0.0.2
158.198.23.216.kbl.krusty-motorsports.com. 86400 IN TXT "Mail from
216.23.198.128/25 blocked - See
http://www.krusty-motorsports.com/blocked.html"

i retried the exim -bh, adding -d9:

host in rbl_hosts? yes (*)
checking RBL domain kbl.krusty-motorsports.com
DNS lookup of 158.198.23.216.kbl.krusty-motorsports.com (A) gave
HOST_NOT_FOUND
returning DNS_NOMATCH
RBL lookup for 158.198.23.216.kbl.krusty-motorsports.com failed
=> that means it's not black listed at kbl.krusty-motorsports.com

any suggestions on what step to take next?

>> i have added the particular IP range that leaked to hosts_avoid_tls to


>hosts_avoid_tls is an option for outgoing messages.... (or do you mean
>tls_advertise_hosts?)


oops, you're right, i put it in the wrong place.

from what you say, it was irrelevant in any case.

richard