Re: [Exim] Fw: for Kevin Sindhu

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MSuresh Ramasubramanian at <-
MSuresh Ramasubramanian at ->
Delete this message
Reply to this message
Author: Kevin Sindhu
Date:  
To: exim-users
Subject: Re: [Exim] Fw: for Kevin Sindhu
Hi Suresh,


> Try updating - I think spamass 2.2x has me in its whitelist.

Erm..no. http://www.rfc-ignorant.com/tools/lookup.php?domain=61.11.83.59

and http://ist.dsbl.org/listing.php?ip=61.11.83.59

And this is SA 2.44.

> Why are you wasting time checking _all_ Received headers for dialup
> blocks?

I'm not. Your ^MTA^ is listed both in rfc-ignorant and dsbl.org. SA marks
this a point and they all go over my kill point (which is also the default)
5.0. See below

DNSBL only adds 0.6 points. i.e., 

X_OSIRU_DUL        (0.6 points)  RBL: DNSBL: sender ip address in in a
dialup block


> All this means is that you are going to tag any mail that was sent from
> a dialup (or rather, dynamic IP ADSL in my case) and relayed through a
> different smtp server (my colo box, frodo.hserus.net, in this case) as
> spam.

No. frodo is listed on additional lists.

> You are basically just wasting your time checking for dialups / dnsbl
> IPs in headers other than the first Received: header ...

No. Please see above and below for more details.

-Kevin

Making, drinking tea and reading an opus magnum from
viruswall@???:
>Unsolicited bulk email from:
>    mallet@???
>Subject: Re: SPAM FROM <exim-users-admin@???>

>
>According to the 'Received:' trace, the message originated at:
>    quirk ([192.168.1.2])

>
>The message WAS NOT delivered to:
><Kevin.A.Sindhu@???>:
>    550 5.7.0 Message content rejected, id=19612-07

>
>The message has been quarantined as:
>
>/var/spool/vscan/virusmails/spam-63bd53b3e20fde984a50e0ae5a074272-20030202-191247-19612-07.gz
>
>SpamAssassin report:
>
>SPAM: -------------------- Start SpamAssassin results ----------------------
>SPAM: This mail is probably spam.  The original message has been altered
>SPAM: so you can recognise or block similar unwanted mail in future.
>SPAM: See http://spamassassin.org/tag/ for more details.
>SPAM:
>SPAM: Content analysis details:   (5.20 hits, 5 required)
>SPAM: REFERENCES         (-0.5 points) Has a valid-looking References header
>SPAM: NOSPAM_INC         (-0.2 points) Where are you working at?
>SPAM: USER_AGENT_OE      (0.2 points)  X-Mailer header indicates a
>non-spam MUA (Outlook Express)
>SPAM: EMAIL_ATTRIBUTION  (-1.6 points) BODY: Contains what looks like an
>email attribution
>SPAM: SPAM_PHRASE_05_08  (1.6 points)  BODY: Spam phrases score is 05 to
>08 (medium)
>SPAM:                    [score: 7]
>SPAM: QUOTED_EMAIL_TEXT  (-0.8 points) BODY: Contains what looks like a
>quoted email text
>SPAM: RCVD_IN_DSBL       (3.2 points)  RBL: Received via a relay in
>list.dsbl.org
>SPAM:                    [RBL check: found 59.83.11.61.list.dsbl.org]
>SPAM: RCVD_IN_OSIRUSOFT_COM (0.4 points)  RBL: Received via a relay in
>relays.osirusoft.com
>SPAM:                    [RBL check: found
>59.83.11.61.relays.osirusoft.com., type: 127.0.0.3]
>SPAM: RCVD_IN_RFCI       (2.3 points)  RBL: Received via a relay in
>ipwhois.rfc-ignorant.org
>SPAM:                    [RBL check: found
>59.83.11.61.ipwhois.rfc-ignorant.org., type: 127.0.0.6]
>SPAM: X_OSIRU_DUL        (0.6 points)  RBL: DNSBL: sender ip address in in
>a dialup block
>SPAM:
>SPAM: -------------------- End of SpamAssassin results ---------------------

>
>------------------------- BEGIN HEADERS -----------------------------
>Received: from frodo.hserus.net
>(_RELAYED_VIA_VirusWall-UK.VPN.MailSrv_Internal.MAIL.AC [192.168.33.5])
>         by mail.open-systems.org (Postfix) with ESMTP id C37A2101A1C
>         for <Kevin.A.Sindhu@???>; Sun,  2 Feb 2003 19:12:44 -0800 (PST)
>Received: from [61.11.83.59] (helo=quirk.hserus.net)
>         by frodo.hserus.net with asmtp (SSLv3:EDH-RSA-DES-CBC3-SHA:168)
>         (Exim 4.12)
>         id 18fX09-0002nx-00
>         for Kevin.A.Sindhu@???; Mon, 03 Feb 2003 08:40:30 +0530
>Received: from quirk ([192.168.1.2])
>         by quirk.hserus.net (VisNetic.MailServer.v5.3.5.0) with SMTP id
>         for <Kevin.A.Sindhu@???>; Mon, 03 Feb 2003 03:10:20 +0530
>Message-ID: <002801c2cb03$aef30de0$0201a8c0@quirk>
>From: "Suresh Ramasubramanian" <mallet@???>
>To: "Kevin Sindhu" <Kevin.A.Sindhu@???>
>References: <5.2.0.9.2.20030202183823.00ae7c28@192.168.33.245>
>Subject: Re: SPAM FROM <exim-users-admin@???>
>Date: Mon, 3 Feb 2003 03:10:18 +0530
>Organization: -ENOENT
>MIME-Version: 1.0
>Content-Type: text/plain;
>         charset="iso-8859-1"
>Content-Transfer-Encoding: 7bit
>X-Priority: 3
>X-MSMail-Priority: Normal
>X-Mailer: Microsoft Outlook Express 6.00.2800.1106
>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
>-------------------------- END HEADERS ------------------------------




This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [Exim] Exim 4.12_1, FreeBSD 4.7, and "user mailnull" errorsRe: [Exim] Fw: for Kevin Sindhu->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)