Re: [spamdyke-users] False DENIED_SENDER_NO_MX error?
Hi Sam, Can you release a patch for these bugs asap? I have been waiting for this fix for so long. Thanks. ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] False DENIED_SENDER_NO_MX error?
I've got a patch ready that fixes a couple of outstanding issues, including the DENIED_SENDER_NO_MX problem. I still need to make a couple of other changes and finish testing. I'm sorry the fixes have taken so long, but I've had very little free time for spamdyke lately. I'll try to get everything wrapped up and released within the next week. -- Sam Clippinger On 5/6/11 4:10 AM, Chris wrote: Hi Sam, Can you release a patch for these bugs asap? I have been waiting for this fix for so long. Thanks. ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] False DENIED_SENDER_NO_MX error?
Thanks a bunch, Sam. BTW, what are the chances of getting in an enhancement to the DENIED_RBL_MATCH log messages that would include the name of the BL which matched? I'd really like to glean this from the logs on a regular basis, so I'd rather not increase the log verbosity. Something like: DENIED_RBL_MATCH at: zen.spamhaus.org from: ... What do you think? Thanks again. -- -Eric 'shubes' On 03/11/2011 12:45 PM, Sam Clippinger wrote: Interesting... I think I understand what's happening. spamdyke is trying to find the MX record for bounce.e.groupon.com and receives an MX response that says bounce-mx.exacttarget.com. Then it tries to find an IP address for bounce-mx.exacttarget.com by searching for A or CNAME records. Or rather, that's what it should do. Due to an oversight on my part, it searches for A, CNAME and MX records because I was lazy and sent the same list of types to the function that tries to find the IP that was used to find the MX. As it happens, bounce-mx.exacttarget.com has both an A and a MX record associated with it, which is legal (but stupid). When spamdyke receives the MX record it asked for but didn't expect, it assumes the remote nameserver is broken and stops with an error. Due to a second oversight on my part, that error triggers the filter instead of failing gracefully. So, two bugs. I'll get them fixed. :) Thanks for reporting this! -- Sam Clippinger On 3/11/11 10:51 AM, Eric Shubert wrote: I did a detail log, and captured one of these. It says: ERROR: DNS response for bounce-mx.exacttarget.com: expected type A, CNAME but received type MX FILTER_SENDER_NO_MX domain: bounce.e.groupon.com From the spamassassin host, I get: [shubes@tacs-mail ~]$ host bounce-mx.exacttarget.com bounce-mx.exacttarget.com has address 66.231.91.236 bounce-mx.exacttarget.com mail is handled by 10 bounce-mx.exacttarget.com. [shubes@tacs-mail ~]$ I don't see anything wrong here (but could be misunderstanding something). Is spamdyke getting an MX record back before a type A (or CNAME) record? Is a wildcard perhaps involved somehow? One other thing. I'm under the impression (from the dyndns.com site) that MX records can (should?) not point to CNAME records. If this is indeed true, then I would think that spamdyke shouldn't be looking for a CNAME record which corresponds to the MX (as indicated in the message). As always, thanks Sam. ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] False DENIED_SENDER_NO_MX error?
I did a detail log, and captured one of these. It says: ERROR: DNS response for bounce-mx.exacttarget.com: expected type A, CNAME but received type MX FILTER_SENDER_NO_MX domain: bounce.e.groupon.com From the spamassassin host, I get: [shubes@tacs-mail ~]$ host bounce-mx.exacttarget.com bounce-mx.exacttarget.com has address 66.231.91.236 bounce-mx.exacttarget.com mail is handled by 10 bounce-mx.exacttarget.com. [shubes@tacs-mail ~]$ I don't see anything wrong here (but could be misunderstanding something). Is spamdyke getting an MX record back before a type A (or CNAME) record? Is a wildcard perhaps involved somehow? One other thing. I'm under the impression (from the dyndns.com site) that MX records can (should?) not point to CNAME records. If this is indeed true, then I would think that spamdyke shouldn't be looking for a CNAME record which corresponds to the MX (as indicated in the message). As always, thanks Sam. -- -Eric 'shubes' On 02/26/2011 01:32 PM, Sam Clippinger wrote: I can't reproduce this; when I try those addresses it works fine for me. Can you try two things? First, run host reply.ticketmaster.com to see if your server can find the MX record there -- the records for ticketmaster.com aren't actually checked. Second, can you enable excessive output and full logging to see what's happening during these deliveries? Excessive output should show all of the DNS packets that are sent and received. -- Sam Clippinger On 2/25/11 3:05 PM, Eric Shubert wrote: Running the latest spamdyke 4.2.0+TLS+CONFIGTEST+DEBUG on CentOS5.4 x86, Using caching-nameserver on localhost, and I'm not seeing any named errors in the system log. I just happened to notice this in my smtp log: 02-25 13:54:30 spamdyke[32582]: DENIED_SENDER_NO_MX from: ntf-330906_53-9098559-ticketmaster_=_shubes@reply.ticketmaster.com to: ticketmas...@shubes.net origin_ip: 209.104.37.138 origin_rdns: vg138.ntf.els4.ticketmaster.com auth: (unknown) encryption: TLS Seemed odd, so I checked: # host ticketmaster.com ticketmaster.com has address 209.104.34.32 ticketmaster.com has address 209.104.41.32 ticketmaster.com has address 209.104.45.32 ticketmaster.com has address 209.104.56.26 ticketmaster.com has address 209.104.58.151 ticketmaster.com has address 209.104.59.96 ticketmaster.com mail is handled by 10 mx.chi.ticketmaster.com. ticketmaster.com mail is handled by 10 mx.els.ticketmaster.com. Am I missing something, or is there a bug? ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] False DENIED_SENDER_NO_MX error?
On 02/26/2011 01:32 PM, Sam Clippinger wrote: I can't reproduce this; when I try those addresses it works fine for me. Can you try two things? First, run host reply.ticketmaster.com to see if your server can find the MX record there -- the records for ticketmaster.com aren't actually checked. # host reply.ticketmaster.com reply.ticketmaster.com has address 209.104.37.129 reply.ticketmaster.com mail is handled by 10 reply.ticketmaster.com. # Second, can you enable excessive output and full logging to see what's happening during these deliveries? Excessive output should show all of the DNS packets that are sent and received. I'll see about setting this up when I get a chance. I'd like to clear out some space on that server to make room for the logs first. Hope to have that done by the end of this week at the latest. In the meantime, I wonder, is it possible that perhaps spamdyke is simply showing the wrong error message? IOW, is there some other filter that's kicking in, but the SENDER_NO_MX message is showing instead of the appropriate one? Sam, can you give the code a once over to see if this might be happening? Thanks. P.S. It's a little relief to me that I'm not the only one who has apparently seen this problem. Thanks Shane. ;) -- Sam Clippinger On 2/25/11 3:05 PM, Eric Shubert wrote: Running the latest spamdyke 4.2.0+TLS+CONFIGTEST+DEBUG on CentOS5.4 x86, Using caching-nameserver on localhost, and I'm not seeing any named errors in the system log. I just happened to notice this in my smtp log: 02-25 13:54:30 spamdyke[32582]: DENIED_SENDER_NO_MX from: ntf-330906_53-9098559-ticketmaster_=_shubes@reply.ticketmaster.com to: ticketmas...@shubes.net origin_ip: 209.104.37.138 origin_rdns: vg138.ntf.els4.ticketmaster.com auth: (unknown) encryption: TLS Seemed odd, so I checked: # host ticketmaster.com ticketmaster.com has address 209.104.34.32 ticketmaster.com has address 209.104.41.32 ticketmaster.com has address 209.104.45.32 ticketmaster.com has address 209.104.56.26 ticketmaster.com has address 209.104.58.151 ticketmaster.com has address 209.104.59.96 ticketmaster.com mail is handled by 10 mx.chi.ticketmaster.com. ticketmaster.com mail is handled by 10 mx.els.ticketmaster.com. Am I missing something, or is there a bug? -- -Eric 'shubes' ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] False DENIED_SENDER_NO_MX error?
Hi Shane wdclnxmail1.learningtree.com and learningtree.com are 2 different domains While the second domain (learningtree.com) has mx records the first does not Hope this helps Best Regards Greg Cirino 603-425-2221 Cirelle Enterprises, Inc Hosting, Development, Email, MLS www.cirelle.com www.mlsbot.com | On 2/26/2011 1:00 PM, spamdyke-users-requ...@spamdyke.org wrote: | | I have noticed the same issue now that you made me check things out. | Same issue appears on spamdyke 4.0.9 and after upgrading to 4.2.0 | (CentOS5.2) | | DENIED_SENDER_NO_MX from: javier_9...@exalumnos.com | | # host exalumnos.com | exalumnos.com has address 216.69.165.94 | exalumnos.com mail is handled by 10 mail2.exalumnos.com. | | DENIED_SENDER_NO_MX from: learningtree...@wdclnxmail1.learningtree.com | | # host learningtree.com | learningtree.com has address 208.254.55.141 | learningtree.com mail is handled by 30 learningtree.com.s5b1.psmtp.com. | learningtree.com mail is handled by 40 learningtree.com.s5b2.psmtp.com. | learningtree.com mail is handled by 10 learningtree.com.s5a1.psmtp.com. | learningtree.com mail is handled by 20 learningtree.com.s5a2.psmtp.com. | | Regards, | Shane Bywater | | P.S. Thanks Eric for the # yum install openssl-devel. That did it. | | | | Message: 1 | Date: Fri, 25 Feb 2011 14:05:55 -0700 | From: Eric Shuberte...@shubes.net | Subject: [spamdyke-users] False DENIED_SENDER_NO_MX error? | To: spamdyke-users@spamdyke.org | Message-ID:ik95jj$bjt$1...@dough.gmane.org | Content-Type: text/plain; charset=ISO-8859-1; format=flowed | | Running the latest spamdyke 4.2.0+TLS+CONFIGTEST+DEBUG on CentOS5.4 x86, | Using caching-nameserver on localhost, and I'm not seeing any named | errors in the system log. | | I just happened to notice this in my smtp log: | | 02-25 13:54:30 spamdyke[32582]: DENIED_SENDER_NO_MX from: | ntf-330906_53-9098559-ticketmaster_=_shubes@reply.ticketmaster.com | to: ticketmas...@shubes.net origin_ip: 209.104.37.138 origin_rdns: | vg138.ntf.els4.ticketmaster.com auth: (unknown) encryption: TLS | | Seemed odd, so I checked: | # host ticketmaster.com | ticketmaster.com has address 209.104.34.32 | ticketmaster.com has address 209.104.41.32 | ticketmaster.com has address 209.104.45.32 | ticketmaster.com has address 209.104.56.26 | ticketmaster.com has address 209.104.58.151 | ticketmaster.com has address 209.104.59.96 | ticketmaster.com mail is handled by 10 mx.chi.ticketmaster.com. | ticketmaster.com mail is handled by 10 mx.els.ticketmaster.com. | | Am I missing something, or is there a bug? | | | | ___ | spamdyke-users mailing list | spamdyke-users@spamdyke.org | http://www.spamdyke.org/mailman/listinfo/spamdyke-users | ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] False DENIED_SENDER_NO_MX error?
I can't reproduce this; when I try those addresses it works fine for me. Can you try two things? First, run host reply.ticketmaster.com to see if your server can find the MX record there -- the records for ticketmaster.com aren't actually checked. Second, can you enable excessive output and full logging to see what's happening during these deliveries? Excessive output should show all of the DNS packets that are sent and received. -- Sam Clippinger On 2/25/11 3:05 PM, Eric Shubert wrote: Running the latest spamdyke 4.2.0+TLS+CONFIGTEST+DEBUG on CentOS5.4 x86, Using caching-nameserver on localhost, and I'm not seeing any named errors in the system log. I just happened to notice this in my smtp log: 02-25 13:54:30 spamdyke[32582]: DENIED_SENDER_NO_MX from: ntf-330906_53-9098559-ticketmaster_=_shubes@reply.ticketmaster.com to: ticketmas...@shubes.net origin_ip: 209.104.37.138 origin_rdns: vg138.ntf.els4.ticketmaster.com auth: (unknown) encryption: TLS Seemed odd, so I checked: # host ticketmaster.com ticketmaster.com has address 209.104.34.32 ticketmaster.com has address 209.104.41.32 ticketmaster.com has address 209.104.45.32 ticketmaster.com has address 209.104.56.26 ticketmaster.com has address 209.104.58.151 ticketmaster.com has address 209.104.59.96 ticketmaster.com mail is handled by 10 mx.chi.ticketmaster.com. ticketmaster.com mail is handled by 10 mx.els.ticketmaster.com. Am I missing something, or is there a bug? ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users