[Exim] Re: Two issues relating to spam

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Suresh Ramasubramanian
Datum:  
To: Exim Users
Betreff: [Exim] Re: Two issues relating to spam
+++ Phil Pennock [exim-users] <13/03/02 02:05 +0100>:
> Problem 1 -- A record pointing to 0.0.0.0
> $ host -t a goldrush.net
> goldrush.net has address 0.0.0.0


Urgh. In postfix at least ...

Mar 13 10:35:02 mjollnir postfix/qmgr[13767]: B359C1AC26:
from=<suresh@???>, size=329, nrcpt=1 (queue active)
Mar 13 10:35:06 mjollnir postfix/smtpd[16856]: connect from
localhost[127.0.0.1]Mar 13 10:35:06 mjollnir postfix/smtp[16817]: warning:
host goldrush.net[0.0.0.0] greeted me with my own hostname
mjollnir.munged.com
Mar 13 10:35:06 mjollnir postfix/smtp[16817]: warning: host
goldrush.net[0.0.0.0] replied to HELO/EHLO with my own hostname
mjollnir.munged.com
Mar 13 10:35:06 mjollnir postfix/smtp[16817]: B359C1AC26:
to=<test@???>, relay=goldrush.net[0.0.0.0], delay=4, status=bounced
(mail for goldrush.net loops back to myself)


> Problem 2 -- hosts which deliberately don't issue banner
> 209.151.233.24, which ultimately reverses to the lovely little hostname
> "fix.your.open.relay.or.die.net", has something listening on port 25
> which never issues an SMTP banner.


Your common or garden labrea tarpit.

> The Exim delivery process never times out on this. AFAICS, after the
> connection is opened (proceeds normally), the command_timeout should
> apply to waiting for the banner. Documented default is 5 mins. I'm
> seeing processes which are still waiting for much longer. The only one
> which I haven't yet killed has been waiting 24 mins (age of -J file).


Children / grandchildren of existing processes by any chance?

    -srs