RBL check combines SMTP sender and Mail_From domains

Gary Mills mills@cc.umanitoba.ca
Sun Sep 14 02:33:33 UTC 2008


We run dcc-1.3.86, probably an older version now but it's been very
stable.  I recently changed the RBL configuration from xbl to zen.
This has been quite effective, rejecting lots of spam coming from
compromised home Windows boxes.  This is our current setting:

    DNSBL_ARGS="'-Bset:rej-msg=5.7.1 550 id %s from %s rejected. See http://www.spamhaus.org/zen/' -Bset:no-body -Bset:no-MX -Bset:no-NS -Bzen.dnsbl,any"

I've had a few complaints about legitimate messages that were rejected
with a  SMTP error like this:

    550 5.7.1 id m8BJlQgj011529 from 139.142.192.9 rejected. See http://www.spamhaus.org/zen/

The problem was that the SMTP peer's IP address, 139.142.192.9, was
not on a zen blacklist.  It was actually their e-mail domain name that
resolved to 216.94.25.20 that was on the blacklist.  The error is
certainly confusing.  The MX record for that domain was not on the
blacklist.  Likely their e-mail domain is also their web site, making
it difficult for them to change.

For now, I'd like to have dccm check only the SMTP peer, not also the
e-mail sender domain.  Is this possible somehow, perhaps in a newer
version?  I'd also like to have the actual IP address that failed an
RBL lookup listed on the SMTP rejection error line.  Is this possible?

-- 
-Gary Mills-    -Unix Support-    -U of M Academic Computing and Networking-



More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.