[Exim] spam using RBL(output of exim -bh)

Author: Sherona Hoosen
Date:  
To: exim-users
Subject: [Exim] spam using RBL(output of exim -bh)
Hi

Sorry about this, but seems like I can't send .doc files.

Here is the full output of exim -bh

bash-2.05# ./exim -bh 66.216.119.168

**** SMTP testing session as if from host 66.216.119.168
**** but without any ident (RFC 1413) callback.
**** This is not for real!

>>> host in host_lookup? yes (matched "*")
>>> looking up host name for 66.216.119.168
>>> IP address lookup yielded click1.optinbargains4u.com
>>> click1.optinbargains4u.com 66.216.119.168
>>> checking addresses for click1.optinbargains4u.com
>>> 66.216.119.168
>>> host in host_reject_connection? no (option unset)
>>> host in sender_unqualified_hosts? no (option unset)
>>> host in recipient_unqualified_hosts? no (option unset)
>>> host in helo_verify_hosts? no (option unset)
>>> host in helo_try_verify_hosts? no (option unset)
>>> host in helo_accept_junk_hosts? no (option unset)

220 mail3.wits.ac.za ESMTP Exim 4.10 Fri, 30 May 2003 11:40:34 -0200
ehlo consumerblast.com
250-mail3.wits.ac.za Hello click1.optinbargains4u.com [66.216.119.168]
250-SIZE 52428800
250-PIPELINING
250 HELP
mail from:test@???
250 OK
rcpt to:sherona@???
>>> using ACL "acl_check_rcpt"
>>> processing "accept"
>>> check hosts = :
>>> host in ":"? no (end of list)
>>> accept: condition test failed
>>> processing "deny"
>>> check local_parts = ^.*[@%!/|] : ^\\.
>>> sherona in "^.*[@%!/|] : ^\."? no (end of list)
>>> deny: condition test failed
>>> processing "accept"
>>> check local_parts = postmaster
>>> sherona in "postmaster"? no (end of list)
>>> accept: condition test failed
>>> processing "require"
>>> check verify = sender
>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
>>> routing test@???
>>> calling hubbed_hosts router
>>> consumerblast.com in "pg.wits.ac.za"? no (end of list)
>>> consumerblast.com in "arch.pg.wits.ac.za"? no (end of list)
>>> consumerblast.com in "arts.pg.wits.ac.za"? no (end of list)
>>> consumerblast.com in "comm.pg.wits.ac.za"? no (end of list)
>>> consumerblast.com in "edu.pg.wits.ac.za"? no (end of list)
>>> consumerblast.com in "hs.pg.wits.ac.za"? no (end of list)
>>> consumerblast.com in "law.pg.wits.ac.za"? no (end of list)
>>> consumerblast.com in "clm.pg.wits.ac.za"? no (end of list)
>>> consumerblast.com in "clm.ug.wits.ac.za"? no (end of list)
>>> consumerblast.com in "ebe.pg.wits.ac.za"? no (end of list)
>>> consumerblast.com in "ebe.ug.wits.ac.za"? no (end of list)
>>> consumerblast.com in "hse.pg.wits.ac.za"? no (end of list)
>>> consumerblast.com in "hse.ug.wits.ac.za"? no (end of list)
>>> consumerblast.com in "hsc.pg.wits.ac.za"? no (end of list)
>>> consumerblast.com in "hsc.ug.wits.ac.za"? no (end of list)
>>> consumerblast.com in "students.wits.ac.za"? no (end of list)
>>> consumerblast.com in "visitors.wits.ac.za"? no (end of list)
>>> consumerblast.com in "science.pg.wits.ac.za"? no (end of list)
>>> consumerblast.com in "science.ug.wits.ac.za"? no (end of list)
>>> consumerblast.com in "*.fac.wits.ac.za"? no (end of list)
>>> consumerblast.com in "humanities.wits.ac.za"? no (end of list)
>>> consumerblast.com in "cns.wits.ac.za"? no (end of list)
>>> consumerblast.com in "nimstest.wits.ac.za"? no (end of list)
>>> consumerblast.com in "ersa.wits.ac.za"? no (end of list)
>>> consumerblast.com in "apo.wits.ac.za"? no (end of list)
>>> consumerblast.com in "hsadmin.wits.ac.za"? no (end of list)
>>> consumerblast.com in "clm.wits.ac.za"? no (end of list)
>>> consumerblast.com in "ec2admin.wits.ac.za"? no (end of list)
>>> consumerblast.com in "cpe.wits.ac.za"? no (end of list)
>>> consumerblast.com in "theatre.wits.ac.za"? no (end of list)
>>> consumerblast.com in "physics.wits.ac.za"? no (end of list)
>>> consumerblast.com in "cavs.wits.ac.za"? no (end of list)
>>> consumerblast.com in "cgs.wits.ac.za"? no (end of list)
>>> consumerblast.com in "academic.wits.ac.za"? no (end of list)
>>> consumerblast.com in "science.wits.ac.za"? no (end of list)
>>> consumerblast.com in "functions.wits.ac.za"? no (end of list)
>>> consumerblast.com in "srcadmin.wits.ac.za"? no (end of list)
>>> consumerblast.com in "international.wits.ac.za"? no (end of list)
>>> consumerblast.com in "artgalleries.wits.ac.za"? no (end of list)
>>> consumerblast.com in "ebe.wits.ac.za"? no (end of list)
>>> consumerblast.com in "asawu.wits.ac.za"? no (end of list)
>>> consumerblast.com in "radmaste.wits.ac.za"? no (end of list)
>>> consumerblast.com in "wcentre.wits.ac.za"? no (end of list)
>>> consumerblast.com in "health.wits.ac.za"? no (end of list)
>>> consumerblast.com in "soa.wits.ac.za"? no (end of list)
>>> consumerblast.com in "hsc.wits.ac.za"? no (end of list)
>>> consumerblast.com in "sport.wits.ac.za"? no (end of list)
>>> consumerblast.com in "sph.wits.ac.za"? no (end of list)
>>> consumerblast.com in "gsh.wits.ac.za"? no (end of list)
>>> consumerblast.com in "sebs.wits.ac.za"? no (end of list)
>>> consumerblast.com in "hse.wits.ac.za"? no (end of list)
>>> consumerblast.com in "archplan.wits.ac.za"? no (end of list)
>>> consumerblast.com in "anatomy.wits.ac.za"? no (end of list)
>>> consumerblast.com in "aisu.wits.ac.za"? no (end of list)
>>> consumerblast.com in "umthombo.wits.ac.za"? no (end of list)
>>> consumerblast.com in "therapy.wits.ac.za"? no (end of list)
>>> consumerblast.com in "geosciences.wits.ac.za"? no (end of list)
>>> consumerblast.com in "geoarc.wits.ac.za"? no (end of list)
>>> consumerblast.com in "social.wits.ac.za"? no (end of list)
>>> consumerblast.com in "consecon.wits.ac.za"? no (end of list)
>>> consumerblast.com in "artworks.wits.ac.za"? no (end of list)
>>> consumerblast.com in "coled.wits.ac.za"? no (end of list)
>>> consumerblast.com in "saiia.wits.ac.za"? no (end of list)
>>> consumerblast.com in "witsplus.wits.ac.za"? no (end of list)
>>> consumerblast.com in "cpu.wits.ac.za"? no (end of list)
>>> consumerblast.com in "cpu.wits.ac.za"? no (end of list)
>>> consumerblast.com in "bfu.wits.ac.za"? no (end of list)
>>> consumerblast.com in "camcon.wits.ac.za"? no (end of list)
>>> consumerblast.com in "epu.wits.ac.za"? no (end of list)
>>> consumerblast.com in "senc.wits.ac.za"? no (end of list)
>>> consumerblast.com in "bru.wits.ac.za"? no (end of list)
>>> consumerblast.com in "cas.wits.ac.za"? no (end of list)
>>> consumerblast.com in "whsl.wits.ac.za"? no (end of list)
>>> consumerblast.com in "planet.wits.ac.za"? no (end of list)
>>> consumerblast.com in "physiology.wits.ac.za"? no (end of list)
>>> consumerblast.com in "pathology.wits.ac.za"? no (end of list)
>>> consumerblast.com in "ir.wits.ac.za"? no (end of list)
>>> consumerblast.com in "partners.wits.ac.za"? no (end of list)
>>> consumerblast.com in "research.wits.ac.za"? no (end of list)
>>> consumerblast.com in "residence.wits.ac.za"? no (end of list)
>>> consumerblast.com in "services.wits.ac.za"? no (end of list)
>>> consumerblast.com in "wufs.wits.ac.za"? no (end of list)
>>> consumerblast.com in "cltd.wits.ac.za"? no (end of list)
>>> consumerblast.com in "hr.wits.ac.za"? no (end of list)
>>> consumerblast.com in "ccdu.wits.ac.za"? no (end of list)
>>> consumerblast.com in "chwc.wits.ac.za"? no (end of list)
>>> consumerblast.com in "vco.wits.ac.za"? no (end of list)
>>> consumerblast.com in "dmsa.wits.ac.za"? no (end of list)
>>> consumerblast.com in "caterclean.wits.ac.za"? no (end of list)
>>> consumerblast.com in "educ.wits.ac.za"? no (end of list)
>>> consumerblast.com in "finaid.wits.ac.za"? no (end of list)
>>> consumerblast.com in "chse.wits.ac.za"? no (end of list)
>>> consumerblast.com in "dentistry.wits.ac.za"? no (end of list)
>>> consumerblast.com in "finance.wits.ac.za"? no (end of list)
>>> consumerblast.com in "foundation.wits.ac.za"? no (end of list)
>>> consumerblast.com in "grads.wits.ac.za"? no (end of list)
>>> consumerblast.com in "gretev.wits.ac.za"? no (end of list)
>>> consumerblast.com in "legal.wits.ac.za"? no (end of list)
>>> consumerblast.com in "marketing.wits.ac.za"? no (end of list)
>>> consumerblast.com in "miu.wits.ac.za"? no (end of list)
>>> consumerblast.com in "registrar.wits.ac.za"? no (end of list)
>>> consumerblast.com in "sao.wits.ac.za"? no (end of list)
>>> consumerblast.com in "medicine.wits.ac.za"? no (end of list)
>>> consumerblast.com in "sped.wits.ac.za"? no (end of list)
>>> consumerblast.com in "telecoms.wits.ac.za"? no (end of list)
>>> consumerblast.com in "wufs.wits.ac.za"? no (end of list)
>>> consumerblast.com in "wup.wits.ac.za"? no (end of list)
>>> consumerblast.com in "fclm.wits.ac.za"? no (end of list)
>>> consumerblast.com in "strategy.wits.ac.za"? no (end of list)
>>> consumerblast.com in "nims.wits.ac.za"? no (end of list)
>>> consumerblast.com in "brutus.ms.wits.ac.za"? no (end of list)
>>> consumerblast.com in "systec.wits.ac.za"? no (end of list)
>>> consumerblast.com in "gauss.wits.ac.za"? no (end of list)
>>> consumerblast.com in "muse.arts.wits.ac.za"? no (end of list)
>>> consumerblast.com in "psyber.wits.ac.za"? no (end of list)
>>> consumerblast.com in "dragonzone.za.net"? no (end of list)
>>> consumerblast.com in "timetwist.za.net"? no (end of list)
>>> consumerblast.com in "mud.za.net"? no (end of list)
>>> consumerblast.com in "wax.za.net"? no (end of list)
>>> consumerblast.com in "wicca.za.net"? no (end of list)
>>> consumerblast.com in "pagan.za.net"? no (end of list)
>>> consumerblast.com in "icam.za.org"? no (end of list)
>>> consumerblast.com in "pg.mech.wits.ac.za"? no (end of list)
>>> consumerblast.com in "ug.mech.wits.ac.za"? no (end of list)
>>> consumerblast.com in "budget.mech.wits.ac.za"? no (end of list)
>>> consumerblast.com in "hertz.mech.wits.ac.za"? no (end of list)
>>> consumerblast.com in "law.pg.wits.ac.za"? no (end of list)
>>> consumerblast.com in "training.wits.ac.za"? no (end of list)
>>> consumerblast.com in "fotim.ac.za"? no (end of list)
>>> consumerblast.com in "cosalc.ac.za"? no (end of list)
>>> consumerblast.com in "hsadmin.wits.ac.za"? no (end of list)
>>> consumerblast.com in "drastico.za.net"? no (end of list)
>>> consumerblast.com in "icam.za.org"? no (end of list)
>>> consumerblast.com in "gothicparents.za.net"? no (end of list)
>>> consumerblast.com in "sehnsucht.za.net"? no (end of list)
>>> consumerblast.com in "nixxie.za.net"? no (end of list)
>>> consumerblast.com in "mining.wits.ac.za"? no (end of list)
>>> consumerblast.com in "civil.wits.ac.za"? no (end of list)
>>> consumerblast.com in "civen.civil.wits.ac.za"? no (end of list)
>>> consumerblast.com in "iaphys.org"? no (end of list)
>>> consumerblast.com in "iaphys.com"? no (end of list)
>>> consumerblast.com in "minerva.med"? no (end of list)
>>> consumerblast.com in "cs.wits.ac.za"? no (end of list)
>>> consumerblast.com in "*.cs.wits.ac.za"? no (end of list)
>>> consumerblast.com in "stats.wits.ac.za"? no (end of list)
>>> consumerblast.com in "*.stats.wits.ac.za"? no (end of list)
>>> consumerblast.com in "maths.wits.ac.za"? no (end of list)
>>> consumerblast.com in "*.maths.wits.ac.za"? no (end of list)
>>> consumerblast.com in "cam.wits.ac.za"? no (end of list)
>>> consumerblast.com in "*.cam.wits.ac.za"? no (end of list)
>>> consumerblast.com in "ee.wits.ac.za"? no (end of list)
>>> consumerblast.com in "*.ee.wits.ac.za"? no (end of list)
>>> consumerblast.com in "*.wits.ac.za"? no (end of list)
>>> consumerblast.com in "mentor.wits.ac.za"? no (end of list)
>>> hubbed_hosts router declined for test@???
>>> consumerblast.com in "wits.ac.za"? no (end of list)
>>> consumerblast.com in "! +local_domains"? yes (end of list)
>>> calling dnslookup router
>>> 24.120.30.52 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 24.120.30.53 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 24.120.30.54 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 24.120.30.55 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 24.120.30.56 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 24.120.30.57 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 24.120.30.58 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 24.120.30.59 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 24.120.30.51 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> routed by dnslookup router
>>> ----------- end verify ------------
>>> require: condition test succeeded
>>> processing "deny"
>>> check dnslists = sbl.spamhaus.org=127.0.0.2
>>> DNS list check: sbl.spamhaus.org=127.0.0.2
>>> new DNS lookup for 168.119.216.66.sbl.spamhaus.org
>>> DNS lookup for 168.119.216.66.sbl.spamhaus.org succeeded
>>> => that means 66.216.119.168 is listed at sbl.spamhaus.org
>>> deny: condition test succeeded

550-rejected because 66.216.119.168 is in a blacklist at sbl.spamhaus.org
550 Listed on SBL: http://spamhaus.org/SBL/sbl.lasso?query=SBL5466
LOG: H=click1.optinbargains4u.com (consumerblast.com) [66.216.119.168] F=<test@???> rejected RCPT sherona@???: rejected because 66.216.119.168 is in a blacklist at sbl.spamhaus.org

Based on this it looks like it is working. I am not sure, though, especially since the testing method specified in sbl.spamhaus.org (i.e. sending a message to nelson-sbl-test@???) says that it is NOT working.

Thanks for all the help
Cheers
sherona
--
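
An added example, not part of the original post: a small Python summariser for an `exim -bh` trace like the one above, reporting which ACL statement decided the RCPT and which DNS list lookups hit. The function names and the shortened sample trace are constructed for illustration; it relies on the Exim ACL rule that `accept` and `deny` decide when their conditions hold, while `require` decides only when a condition fails.

```python
import ipaddress
import re

# Constructed sample: a shortened excerpt of the `exim -bh` trace in the post.
SAMPLE = """\
>>> processing "accept"
>>> check hosts = :
>>> accept: condition test failed
>>> processing "require"
>>> check verify = sender
>>> require: condition test succeeded
>>> processing "deny"
>>> check dnslists = sbl.spamhaus.org=127.0.0.2
>>> new DNS lookup for 168.119.216.66.sbl.spamhaus.org
>>> DNS lookup for 168.119.216.66.sbl.spamhaus.org succeeded
>>> deny: condition test succeeded
550-rejected because 66.216.119.168 is in a blacklist at sbl.spamhaus.org
"""

def dnsbl_name(ip, zone):
    """Query name for an IPv4 DNS list check: reversed octets, then the zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def summarise(trace):
    """Return (ACL statements, DNS list hits, last SMTP code) from a -bh trace."""
    statements, hits, last_code, current = [], [], None, None
    for line in trace.splitlines():
        text = line[4:] if line.startswith(">>> ") else line
        if m := re.fullmatch(r'processing "(\w+)"', text):
            current = {"verb": m[1], "checks": [], "result": None}
            statements.append(current)
        elif current and (m := re.fullmatch(r"check (\S+) = (.*)", text)):
            current["checks"].append((m[1], m[2]))
        elif current and (m := re.fullmatch(r"(\w+): condition test (succeeded|failed)", text)):
            current["result"] = m[2]
        elif m := re.fullmatch(r"DNS lookup for (\S+) succeeded", text):
            hits.append(m[1])  # only the "succeeded" form appears in the post
        elif not line.startswith(">>>") and (m := re.match(r"([245]\d\d)[ -]", line)):
            last_code = int(m[1])  # server response line, e.g. "550-..." or "250 OK"
    return statements, hits, last_code

def deciding_statement(statements):
    """First statement that ends ACL processing, or None if none did."""
    for s in statements:
        decided = s["verb"] in ("accept", "deny") and s["result"] == "succeeded"
        if decided or (s["verb"] == "require" and s["result"] == "failed"):
            return s
    return None
```

Comparing the lookup name in the trace with `dnsbl_name()` for the address given to `-bh` confirms the list was queried for that client address.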