Leonardo Boselli wrote:
> On Fri, 24 Oct 2008, Eli Sand wrote:
>>>>> SMTP error from remote mail server after end of data:
>>>>> host mail.relexa-hotel.de [87.225.129.6]: 554 Service unavailable;
>>>>> host [dipolo.dicea.unifi.it] blocked by zen.spamhaus.org;
>>>>> http://www.spamhaus.org/query/bl?ip=79.18.133.80
>>>>> reservierung.berlin@??? SMTP error from remote mail
>> Just chiming in my possibly useless 2cents here, but it seems, from the log
>> bit I've quoted here that it's not mail.relexa-hotel.de having any
>> "problems" - rather the mail server *YOU* sent from is the problem.
>>
>> The listing in spamhaus states that mail should NOT be sent out from IP
>> 79.18.133.80, and instead there is apparently a specific MX server you
>> should use and that all(?) IPs other than that IP in their control are to be
>> blocked from sending email (at least, are listed in spamhaus :P).
>> The fix here, apparently, would be to use a different mail server to send
>> your email.
>> I could be entirely wrong though - just going based on what I saw in this
>> last email I replied to.
>
> No, things are different
> 79.18.133.80 is the dinamic address given to a portable computer by a
> commercial ISP.
> The person that was sending this mail has it set to relay all e-mail
> througth the departmental server dipolo.dicea.unifi.it [150.217.9.2] (that
> is also the MX for his email-address, in case the recipient wanted to make
> a callback to verify the source !) that accept relaying from all
> _authenticated_ users.
> So, whatever net he is using, he will always have the same sending
> configuration. This is the same configuration that I and all people
> working here use on our portable computers since at least 7 years,
> and this is the first time such error occours!
>
> I think spam filter should only care about is is trusted the host that is
> passing them the message, not about the route the message has done before!
>
>
>
FWIW, I have the origination 'local' network - and 'many' other networks
in Italy hard-blocked - mostly broadband networks where zombots and
such proliferate.
But I do not block the 'proper' servers, such as 'dipolo.dicea.unifi.it'
which has it's house in good order, DNS-wise.
Neither does 'dipolo.dicea.unifi.it' show up in spamhaus RBL or any of
the several other blacklists I checked.
Someone at the DE ISP relaxa is using simply has their head up and
locked, EG - looking thru headers that catch the original AUTH'ed
submission instead of just evaluating the credentials of the connecting
server.
Which is why it had to wait 'til DATA phase, and is a doubly dumb move.
Bill
