Little help w/ greylisting bypass for SMTP AUTH-ed sessions

Pawel Osiczko p.osiczko@tetrapyloctomy.org
Thu Nov 30 16:40:32 UTC 2006


Hello,

First of all, thank you for dcc. It rocks muchly. My spam levels have dropped
significantly thanks to you guys.

I was wondering if you could help me out w/ greylist bypass for authenticated
sessions in sendmail. I generated sendmail.cf with hackmc -AROT. With dcc
up and running and with sendmail authenticating against saslauthd, I specify
option MTA-first to attempt to whitelist authenticated sessions. 'Cept it does
not work. After TLS-ed AUTH PLAIN succeeds, the message is embargoed leaving
client all hot, bothered, and confused. Here is what my sendmail sees:

Nov 29 21:51:25 foo sm-mta[24089]: STARTTLS=server, Diffie-Hellman init, key=512 bit (1)
Nov 29 21:51:25 foo sm-mta[24089]: STARTTLS=server, init=1
Nov 29 21:51:25 foo sm-mta[24089]: started as: /usr/local/sbin/sendmail -L sm-mta -bd -q30m -OLogLevel=15 -X/tmp/sendmail.log
Nov 29 21:51:27 foo sm-msp-queue[24093]: starting daemon (8.13.8): queueing@00:15:00
Nov 29 21:51:47 foo sm-mta[24096]: NOQUEUE: connect from client1.someprovider.net [1.2.3.4]
Nov 29 21:51:47 foo sm-mta[24096]: AUTH: available mech=CRAM-MD5 DIGEST-MD5 GSSAPI, allowed mech=LOGIN PLAIN DIGEST-MD5 CRAM-MD5
Nov 29 21:51:52 foo sm-mta[24096]: kAU4plcZ024096: --- 220 Sendmail ESMTP 8.13.8/8.13.8/pablo.02050100; Wed, 29 Nov 2006 21:51:47 -0700; UCE (spam) is UNWELCOME
Nov 29 21:51:53 foo sm-mta[24096]: kAU4plcZ024096: <-- EHLO [1.2.3.4]
Nov 29 21:51:53 foo sm-mta[24096]: kAU4plcZ024096: --- 250-foo.tetrapyloctomy.org Hello client1.someprovider.net [1.2.3.4], pleased to meet you
Nov 29 21:51:53 foo sm-mta[24096]: kAU4plcZ024096: --- 250-ENHANCEDSTATUSCODES
Nov 29 21:51:53 foo sm-mta[24096]: kAU4plcZ024096: --- 250-PIPELINING
Nov 29 21:51:53 foo sm-mta[24096]: kAU4plcZ024096: --- 250-8BITMIME
Nov 29 21:51:53 foo sm-mta[24096]: kAU4plcZ024096: --- 250-SIZE 10485760
Nov 29 21:51:53 foo sm-mta[24096]: kAU4plcZ024096: --- 250-ETRN
Nov 29 21:51:53 foo sm-mta[24096]: kAU4plcZ024096: --- 250-AUTH DIGEST-MD5 CRAM-MD5
Nov 29 21:51:53 foo sm-mta[24096]: kAU4plcZ024096: --- 250-STARTTLS
Nov 29 21:51:53 foo sm-mta[24096]: kAU4plcZ024096: --- 250-DELIVERBY
Nov 29 21:51:53 foo sm-mta[24096]: kAU4plcZ024096: --- 250 HELP
Nov 29 21:51:54 foo sm-mta[24096]: kAU4plcZ024096: <-- STARTTLS
Nov 29 21:51:54 foo sm-mta[24096]: kAU4plcZ024096: --- 220 2.0.0 Ready to start TLS
Nov 29 21:51:56 foo sm-mta[24096]: STARTTLS=server, get_verify: 0 get_peer: 0x0
Nov 29 21:51:56 foo sm-mta[24096]: STARTTLS=server, relay=client1.someprovider.net [1.2.3.4], version=TLSv1/SSLv3, verify=NO, cipher=DHE-RSA-AES256-SHA, bits=256/256
Nov 29 21:51:56 foo sm-mta[24096]: STARTTLS=server, cert-subject=, cert-issuer=, verifymsg=ok
Nov 29 21:51:56 foo sm-mta[24096]: AUTH: available mech=LOGIN CRAM-MD5 DIGEST-MD5 GSSAPI PLAIN, allowed mech=LOGIN PLAIN DIGEST-MD5 CRAM-MD5
Nov 29 21:51:56 foo sm-mta[24096]: STARTTLS=read, info: fds=8/5, err=2
Nov 29 21:51:56 foo sm-mta[24096]: kAU4plcZ024096: <-- EHLO [1.2.3.4]
Nov 29 21:51:56 foo sm-mta[24096]: kAU4plca024096: --- 250-foo.tetrapyloctomy.org Hello client1.someprovider.net [1.2.3.4], pleased to meet you
Nov 29 21:51:56 foo sm-mta[24096]: kAU4plca024096: --- 250-ENHANCEDSTATUSCODES
Nov 29 21:51:56 foo sm-mta[24096]: kAU4plca024096: --- 250-PIPELINING
Nov 29 21:51:56 foo sm-mta[24096]: kAU4plca024096: --- 250-8BITMIME
Nov 29 21:51:56 foo sm-mta[24096]: kAU4plca024096: --- 250-SIZE 10485760
Nov 29 21:51:56 foo sm-mta[24096]: kAU4plca024096: --- 250-ETRN
Nov 29 21:51:56 foo sm-mta[24096]: kAU4plca024096: --- 250-AUTH LOGIN PLAIN DIGEST-MD5 CRAM-MD5
Nov 29 21:51:56 foo sm-mta[24096]: kAU4plca024096: --- 250-DELIVERBY
Nov 29 21:51:56 foo sm-mta[24096]: kAU4plca024096: --- 250 HELP
Nov 29 21:51:56 foo sm-mta[24096]: STARTTLS=read, info: fds=8/5, err=2
Nov 29 21:51:57 foo sm-mta[24096]: kAU4plca024096: <-- AUTH CRAM-MD5
Nov 29 21:51:57 foo sm-mta[24096]: kAU4plca024096: --- 334 PDMyODE0NzMxMjQuNzIzNDQ4MkBhbnl3aGVyZS50ZXRyYXB5bG9jdG9teS5vcmc+
Nov 29 21:51:57 foo sm-mta[24096]: STARTTLS=read, info: fds=8/5, err=2
Nov 29 21:51:58 foo sm-mta[24096]: kAU4plca024096: --- 535 5.7.0 authentication failed
Nov 29 21:51:58 foo sm-mta[24096]: kAU4plca024096: AUTH failure (CRAM-MD5): user not found (-20) SASL(-13): user not found: no secret in database
Nov 29 21:51:58 foo sm-mta[24096]: STARTTLS=read, info: fds=8/5, err=2
Nov 29 21:51:59 foo sm-mta[24096]: kAU4plca024096: <-- AUTH PLAIN AHBhYmxvAGxpVkYhMEQ=
Nov 29 21:51:59 foo sm-mta[24096]: kAU4plca024096: --- 235 2.0.0 OK Authenticated
Nov 29 21:51:59 foo sm-mta[24096]: AUTH=server, relay=client1.someprovider.net [1.2.3.4], authid=pablo, mech=PLAIN, bits=0
Nov 29 21:51:59 foo sm-mta[24096]: STARTTLS=read, info: fds=8/5, err=2
Nov 29 21:52:00 foo sm-mta[24096]: kAU4plca024096: <-- MAIL FROM:<p.osiczko@tetrapyloctomy.org> SIZE=360
Nov 29 21:52:00 foo sm-mta[24096]: kAU4plca024096: --- 250 2.1.0 <p.osiczko@tetrapyloctomy.org>... Sender ok
Nov 29 21:52:00 foo sm-mta[24096]: STARTTLS=read, info: fds=8/5, err=2
Nov 29 21:52:00 foo sm-mta[24096]: kAU4plca024096: <-- RCPT TO:<pablo@rmrg.net>
Nov 29 21:52:00 foo sm-mta[24096]: kAU4plca024096: --- 250 2.1.5 <pablo@rmrg.net>... Recipient ok
Nov 29 21:52:00 foo sm-mta[24096]: STARTTLS=read, info: fds=8/5, err=2
Nov 29 21:52:01 foo sm-mta[24096]: kAU4plca024096: <-- DATA
Nov 29 21:52:01 foo sm-mta[24096]: kAU4plca024096: --- 354 Enter mail, end with "." on a line by itself
Nov 29 21:52:01 foo sm-mta[24096]: STARTTLS=read, info: fds=8/5, err=2
Nov 29 21:52:02 foo sm-mta[24096]: kAU4plca024096: from=<p.osiczko@tetrapyloctomy.org>, size=348, class=0, nrcpts=1, msgid=<456E63D9.6030303@tetrapyloctomy.org>, proto=ESMTP, daemon=MTA, relay=client1.someprovider.net [1.2.3.4]
Nov 29 21:52:04 foo sm-mta[24096]: kAU4plca024096: --- 452 4.2.1 mail kAU4plca024096 from 1.2.3.4 temporary greylist embargoed (hold)
Nov 29 21:52:04 foo sm-mta[24096]: kAU4plca024096: to=<pablo@rmrg.net>, delay=00:00:04, pri=30348, stat=authentication failed
Nov 29 21:52:04 foo sm-mta[24096]: kAU4plca024096: --- 452 4.2.1 mail kAU4plca024096 from 1.2.3.4 temporary greylist embargoed (held)
Nov 29 21:52:04 foo sm-mta[24096]: STARTTLS=read, info: fds=8/5, err=2
Nov 29 21:52:17 foo sm-mta[24096]: kAU4plcb024096: --- 421 4.4.1 foo.tetrapyloctomy.org Lost input channel from client1.someprovider.net [1.2.3.4]

Any ideas?

Thanks,

--p



More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.