-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I was using 3.1.0 until today on my mail server at work and after the
upgrade suddenly I'm seeing a lot of RCVD_IN_WHOIS_BOGONS misfiring.
one example of a sender domain that triggered is d.dena.ne.jp which
doesn't directly resolve, but ns.dena.ne.jp resolves to 64.56.174.130
which shows as a network that appears in the
allocated-netrange-arin_after1995.txt on completewhois.com [1]
I've checked my trusted_networks and that seems to be OK... if i let the
trusted_network be auto-determined (i.e. not set manually) or if i set
it manually I get the same results.
The machine is on a global network with a separate interface on an
internal network.
DISGUISE_PORN_MUNDANE appears to be hitting on Japanese text as well.
I'm only seeing the tests in the mail logs so I don't have any actual
headers at the moment.
can anyone offer any ideas as to where I should look or what might be
happening?
here's some debug info that might be useful:
[4392] dbg: dns: is Net::DNS::Resolver available? yes
[4392] dbg: dns: Net::DNS version: 0.57
[4392] dbg: diag: perl platform: 5.008005 linux
[4392] dbg: diag: module installed: Digest::SHA1, version 2.11
[4392] dbg: diag: module installed: Net::SMTP, version 2.29
[4392] dbg: diag: module installed: Mail::SPF::Query, version 1.999001
[4392] dbg: diag: module installed: IP::Country::Fast, version 604.001
[4392] dbg: diag: module installed: Razor2::Client::Agent, version 2.67
[4392] dbg: diag: module not installed: Net::Ident ('require' failed)
[4392] dbg: diag: module not installed: IO::Socket::INET6 ('require' failed)
[4392] dbg: diag: module installed: IO::Socket::SSL, version 0.97
[4392] dbg: diag: module installed: Time::HiRes, version 1.87
[4392] dbg: diag: module installed: DBI, version 1.45
[4392] dbg: diag: module installed: Getopt::Long, version 2.34
[4392] dbg: diag: module installed: LWP::UserAgent, version 2.032
[4392] dbg: diag: module installed: HTTP::Date, version 1.46
[4392] dbg: diag: module installed: Archive::Tar, version 1.29
[4392] dbg: diag: module installed: IO::Zlib, version 1.04
[4392] dbg: diag: module installed: MIME::Base64, version 3.07
[4392] dbg: diag: module installed: HTML::Parser, version 3.54
[4392] dbg: diag: module installed: DB_File, version 1.810
[4392] dbg: diag: module installed: Net::DNS, version 0.57
Thanks,
Alan
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFEjNs2E2gsBSKjZHQRAkMhAJ40RgtMeXak2enbljP0PQGQR4xh/wCgtmcd
dfZ7z+wtX2oVtrQR90L4lpI=
=BxhD
-----END PGP SIGNATURE-----
