Re: rblsmtpd and mail-abuse.org's DNS servers
On Thu, 2 Aug 2001, Derek Callaway wrote: Hi, I'm having a problem with my qmail smtpd server becoming unresponsive when rblsmtpd cannot communiate with the RBL nameservers. Has anyone else From the manual page at http://cr.yp.to/ucspi-tcp/rblsmtpd.html: -C: (Default.) Handle RBL lookups in a ``fail-open'' mode. If an RBL lookup fails temporarily, assume that the address is not listed; if an anti-RBL lookup fails temporarily, assume that the address is anti-listed. Unfortunately, a knowledgeable attacker can force an RBL lookup or an anti-RBL lookup to fail temporarily, so that his mail is not blocked. -- Work: It's not just a job, it's an indenture.
Re: rblsmtpd and mail-abuse.org's DNS servers
2) Did you actually pay MAPS for use of their mail-abuse.org servers? They started charging on August 1st so you are not going to have much luck using them to block spam if you aren't paying them. Have you looked at the price list? The price for individual users is $0. If you want to keep using the RBL, RSS, an DUL, they want a written agreement from you, but if you can't afford to pay, they don't demand money. -- John R. Levine, IECC, POB 727, Trumansburg NY 14886 +1 607 387 6869 [EMAIL PROTECTED], Village Trustee and Sewer Commissioner, http://iecc.com/johnl, Member, Provisional board, Coalition Against Unsolicited Commercial E-mail
Re: rblsmtpd and mail-abuse.org's DNS servers
I list some alternatives to MAPS's RBLs, along with some other spam-prevention techniques, here: http://www.summersault.com/chris/techno/qmail/qmail-antispam.html http://www.summersault.com/chris/techno/qmail/qmail-antispam.html#resources Chris On Thu, 2 Aug 2001, Derek Callaway wrote: On Thu, 2 Aug 2001, Chin Fang wrote: Right, I guess I should have said that I already read those pages before I posted this message. I'm looking for a _free_ workaround to this problem. TIA You will need to pay MAPS to use one of its three RBLs, or the combined RBL+. Please see http://www.mail-abuse.org/subscription.html and http://www.mail-abuse.org/feestructure.html even you are with an educational institution. Dr. Dan Bernstein himself has given up on MAPS's RBLs: Please see: http://cr.yp.to/ucspi-tcp/rblsmtpd.html Regards, Chin Fang [EMAIL PROTECTED] Hi, I'm having a problem with my qmail smtpd server becoming unresponsive when rblsmtpd cannot communiate with the RBL nameservers. Has anyone else had this problem? I'd like to blindy accept e-mail if the RBL nameservers cannot be contacted. Here's how I'm starting the SMTP server: /usr/local/bin/tcpserver -x /etc/tcp.smtp.cdb -u 7791 -g 2108 -v 0 smtp fixcrio /usr/local/bin/rblsmtpd -t 7 /usr/local/bin/rblsmtpd -t 7 -r dialups.mail-abuse.org /usr/local/bin/rblsmtpd -t 7 -r 'relays.mail-abuse.org:Open relay problem - see URL:http://www.mail-abuse.org/cgi-bin/nph-rss?%IP%' /var/qmail/bin/qmail-smtpd 21 | /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t n100 s100 /var/log/smtp -- //Derek Callaway [EMAIL PROTECTED] * Programmer: CISC, LLC - S@IRC char *sites[]={http://www.freezersearch.com/index.cfm?aff=dhc;, http://www.ciscllc.com,http://www.freezemail.com,0}; /*KDR AB 249*/ -- Chris Hardie - - mailto:[EMAIL PROTECTED] -- http://www.summersault.com/chris/ --
Re: rblsmtpd and mail-abuse.org's DNS servers
You will need to pay MAPS to use one of its three RBLs, or the combined RBL+. Please see http://www.mail-abuse.org/subscription.html and http://www.mail-abuse.org/feestructure.html even you are with an educational institution. Dr. Dan Bernstein himself has given up on MAPS's RBLs: Please see: http://cr.yp.to/ucspi-tcp/rblsmtpd.html Regards, Chin Fang [EMAIL PROTECTED] Hi, I'm having a problem with my qmail smtpd server becoming unresponsive when rblsmtpd cannot communiate with the RBL nameservers. Has anyone else had this problem? I'd like to blindy accept e-mail if the RBL nameservers cannot be contacted. Here's how I'm starting the SMTP server: /usr/local/bin/tcpserver -x /etc/tcp.smtp.cdb -u 7791 -g 2108 -v 0 smtp fixcrio /usr/local/bin/rblsmtpd -t 7 /usr/local/bin/rblsmtpd -t 7 -r dialups.mail-abuse.org /usr/local/bin/rblsmtpd -t 7 -r 'relays.mail-abuse.org:Open relay problem - see URL:http://www.mail-abuse.org/cgi-bin/nph-rss?%IP%' /var/qmail/bin/qmail-smtpd 21 | /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t n100 s100 /var/log/smtp -- //Derek Callaway [EMAIL PROTECTED] * Programmer: CISC, LLC - S@IRC char *sites[]={http://www.freezersearch.com/index.cfm?aff=dhc;, http://www.ciscllc.com,http://www.freezemail.com,0}; /*KDR AB 249*/
Re: rblsmtpd and mail-abuse.org's DNS servers
On Thu, Aug 02, 2001 at 02:58:08PM -0400, Derek Callaway wrote: /usr/local/bin/tcpserver -x /etc/tcp.smtp.cdb -u 7791 -g 2108 -v 0 smtp fixcrio /usr/local/bin/rblsmtpd -t 7 /usr/local/bin/rblsmtpd -t 7 -r dialups.mail-abuse.org /usr/local/bin/rblsmtpd -t 7 -r 'relays.mail-abuse.org:Open relay problem - see URL:http://www.mail-abuse.org/cgi-bin/nph-rss?%IP%' /var/qmail/bin/qmail-smtpd 21 | /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t n100 s100 /var/log/smtp Two quick observations: [1] A single rblsmtpd instance can take multiple -r options, so your command line can be /much/ shorter and more efficiently executed. [2] Are you actually most concerned about quickly accepting mail from /local/ (or known-good) clients? If so, set up your own anti-RBL list and make it the first list to be checked. Read http://cr.yp.to/ucspi-tcp/rblsmtpd.html for more details on both the above. -- Adrian HoTinker, Drifter, Fixer, Bum [EMAIL PROTECTED] ListArchive: http://marc.theaimsgroup.com/?l=qmail Useful URLs: http://cr.yp.to/qmail.html http://www.qmail.org http://www.lifewithqmail.org/ http://qmail.faqts.com/
RE: rblsmtpd and mail-abuse.org's DNS servers
Derek, I see a number of problems with the text you copied in there, it's very confusing. Here's the questions and issues: 1) On line 2, you're calling rblsmtpd and having it call rblsmtpd, which then calls rblsmtpd for a third time on line 3. The first instance doesn't even have arguments so I have no idea why you're doing that. Combine all of those into one rblsmtpd with multiple -r arguments for all the servers to test against. 2) Did you actually pay MAPS for use of their mail-abuse.org servers? They started charging on August 1st so you are not going to have much luck using them to block spam if you aren't paying them. 3) You will need to call rblsmtpd with a -C argument to allow email through if it can't do the lookups against the servers you specify. This is the default so having it or not is okay. Dave -Original Message- From: Derek Callaway [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 02, 2001 2:58 PM To: [EMAIL PROTECTED] Subject: rblsmtpd and mail-abuse.org's DNS servers Hi, I'm having a problem with my qmail smtpd server becoming unresponsive when rblsmtpd cannot communiate with the RBL nameservers. Has anyone else had this problem? I'd like to blindy accept e-mail if the RBL nameservers cannot be contacted. Here's how I'm starting the SMTP server: /usr/local/bin/tcpserver -x /etc/tcp.smtp.cdb -u 7791 -g 2108 -v 0 smtp fixcrio /usr/local/bin/rblsmtpd -t 7 /usr/local/bin/rblsmtpd -t 7 -r dialups.mail-abuse.org /usr/local/bin/rblsmtpd -t 7 -r 'relays.mail-abuse.org:Open relay problem - see URL:http://www.mail-abuse.org/cgi-bin/nph-rss?%IP%' /var/qmail/bin/qmail-smtpd 21 | /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t n100 s100 /var/log/smtp -- //Derek Callaway [EMAIL PROTECTED] * Programmer: CISC, LLC - S@IRC char *sites[]={http://www.freezersearch.com/index.cfm?aff=dhc;, http://www.ciscllc.com,http://www.freezemail.com,0}; /*KDR AB 249*/
Re: rblsmtpd and mail-abuse.org's DNS servers
On Thu, 2 Aug 2001, Chin Fang wrote: Right, I guess I should have said that I already read those pages before I posted this message. I'm looking for a _free_ workaround to this problem. TIA You will need to pay MAPS to use one of its three RBLs, or the combined RBL+. Please see http://www.mail-abuse.org/subscription.html and http://www.mail-abuse.org/feestructure.html even you are with an educational institution. Dr. Dan Bernstein himself has given up on MAPS's RBLs: Please see: http://cr.yp.to/ucspi-tcp/rblsmtpd.html Regards, Chin Fang [EMAIL PROTECTED] Hi, I'm having a problem with my qmail smtpd server becoming unresponsive when rblsmtpd cannot communiate with the RBL nameservers. Has anyone else had this problem? I'd like to blindy accept e-mail if the RBL nameservers cannot be contacted. Here's how I'm starting the SMTP server: /usr/local/bin/tcpserver -x /etc/tcp.smtp.cdb -u 7791 -g 2108 -v 0 smtp fixcrio /usr/local/bin/rblsmtpd -t 7 /usr/local/bin/rblsmtpd -t 7 -r dialups.mail-abuse.org /usr/local/bin/rblsmtpd -t 7 -r 'relays.mail-abuse.org:Open relay problem - see URL:http://www.mail-abuse.org/cgi-bin/nph-rss?%IP%' /var/qmail/bin/qmail-smtpd 21 | /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t n100 s100 /var/log/smtp -- //Derek Callaway [EMAIL PROTECTED] * Programmer: CISC, LLC - S@IRC char *sites[]={http://www.freezersearch.com/index.cfm?aff=dhc;, http://www.ciscllc.com,http://www.freezemail.com,0}; /*KDR AB 249*/
Re: rblsmtpd and mail-abuse.org's DNS servers
Hi, I'm having a problem with my qmail smtpd server becoming unresponsive when rblsmtpd cannot communiate with the RBL nameservers. http://www.mail-abuse.org/subscription.html Mads
Re: rblsmtpd and mail-abuse.org's DNS servers
On Thu, 2 Aug 2001, Derek Callaway wrote: Right, I guess I should have said that I already read those pages before I posted this message. I'm looking for a _free_ workaround to this problem. TIA There is no workaround. The resolver is going to wait for the connection to time out, thus causing your delay. The workaround is to either find another RBL list source that runs a reliable, free network, or when it does have hiccups, remove them, or suffer through the delays. -- John Gonzalez / [EMAIL PROTECTED] / [EMAIL PROTECTED] Tularosa Communications, Inc. (505) 439-0200 voice / (505) 443-1228 fax http://www.tularosa.net / ASN 11711 / JG6416 [--[ sys info ]---] 1:45pm up 329 days, 19:14, 5 users, load average: 0.07, 0.18, 0.15