Greg Earle, Mar 26, 2010 9:30 am
Sam Varshavchik, Mar 26, 2010 2:35 pm
Matus UHLAR - fantomas, Mar 30, 2010 12:48 am
Subject: Re: [courier-users] BOFHCHECKHELO failures on legit addresses
From: Matus UHLAR - fantomas (uhl@fantomas.sk)
Date: Mar 30, 2010 12:48:40 am
List: net.sourceforge.lists.courier-users

Greg Earle writes:

I turned on BOFHCHECKHELO/BOFHCHECKDNS and it's been a real life-saver with all these 'bots barraging me with spam from fake (e.g. "HELO 8lpzcod", etc.) hosts.

But I'm on a Yahoo! Groups mailing list that consistently fails:

Mar 23 21:41:14 isolar courieresmtpd: [ID 702911 mail.error]
error,relay=::ffff:98.136.45.86,from=<sentto-12024622-1568-1269405664-earle=xxxx@returns.groups.yahoo.com>:
517 HELO n61d.bullet.mail.sp1.yahoo.com does not exist.
Mar 23 21:50:49 isolar courieresmtpd: [ID 702911 mail.error]
error,relay=::ffff:98.136.45.70,from=<sentto-12024622-1569-1269406239-earle=xxxx@returns.groups.yahoo.com>:
517 HELO n71c.bullet.mail.sp1.yahoo.com does not exist.
Mar 26 09:01:37 isolar courieresmtpd: [ID 702911 mail.error]
error,relay=::ffff:67.195.134.233,from=<sentto-12024622-1570-1269619288-earle=xxxx@returns.groups.yahoo.com>:
517 HELO n5.bullet.mail.sp2.yahoo.com does not exist.

If you look up all 3 of those addresses, they are correct, backwards and forwards:

On 26.03.10 17:36, Sam Varshavchik wrote:

The hostname lookup is tried with MX first. Only if no MX record is found does an A record get queried.

Yahoo has bogus MX records for these hosts:

n61d.bullet.mail.sp1.yahoo.com. 1800 IN MX 0 .

I keep trying to add exceptions in courier/etc/smtpaccess/default but Yahoo! uses so many different outgoing addresses that it's like trying to play Whack-A-Mole.

Meanwhile the list owner is threatening to throw me off because of all the bounces. Wondering why these keep failing?

Because of Yahoo's screwy MX records.

This is an attempt to mark those hosts as not sending/accepting e-mail. I think this should just mean that the hostname is valid for HELO, but not for MAIL FROM:<> (nor RCPT TO: but this isn't checked at smtp time, is it?)

There is currently (afaik) no way to indicate a host that does not send/receive e-mail. Since the RFCs define implicit MX for hosts without an MX record, any hostname with valid A/AAAA can be used in SMTP transactions, which is often undesired.

I think that it would be nice if courier supported this, until there is a better way to indicate that a host does not do e-mail (e.g. requiring MX and not falling back to A/AAAA).

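The lookup order discussed in this thread, modelled as an added example (not part of any of the messages and not Courier's code): an MX-first check beside the proposed handling that accepts a "MX 0 ." host for HELO but not for MAIL FROM. The resolver stub, function names and example.org/example.net entries are hypothetical, and the rule that an MX target must have an address is an assumption.

```python
# Constructed DNS data for an offline demo; the yahoo.com entry uses the MX
# record and relay address quoted in the thread, the rest is made up.
ZONE = {
    "n61d.bullet.mail.sp1.yahoo.com": {"MX": [(0, ".")], "A": ["98.136.45.86"]},
    "mail.example.org": {"MX": [(10, "mx1.example.org.")]},
    "mx1.example.org": {"A": ["192.0.2.25"]},
    "host.example.net": {"A": ["192.0.2.77"]},  # no MX: implicit MX applies
}

def lookup(name, rtype):
    """Hypothetical resolver stub: return the rdata list, [] when none exists."""
    return ZONE.get(name.rstrip(".").lower(), {}).get(rtype, [])

def is_null_mx(mx):
    """True for the single 'MX 0 .' record Yahoo publishes for these hosts."""
    return len(mx) == 1 and mx[0][1] == "."

def mx_first_exists(name):
    """MX first, A only when there is no MX (the order described in the thread).
    Assumption: an MX counts only if its target has an address, so '.' fails."""
    mx = lookup(name, "MX")
    if mx:
        return any(lookup(target, "A") for _, target in mx)
    return bool(lookup(name, "A"))

def helo_ok(name):
    """Proposed handling: a null MX says 'no mail here', not 'no such host',
    so the HELO name is judged on its address record instead."""
    if is_null_mx(lookup(name, "MX")):
        return bool(lookup(name, "A"))
    return mx_first_exists(name)

def mail_from_ok(domain):
    """A null-MX domain is rejected as an envelope sender domain."""
    return not is_null_mx(lookup(domain, "MX")) and mx_first_exists(domain)

if __name__ == "__main__":
    for n in ("n61d.bullet.mail.sp1.yahoo.com", "8lpzcod", "host.example.net"):
        print(n, mx_first_exists(n), helo_ok(n), mail_from_ok(n))
```

The bot-style name "8lpzcod" still fails every check, while the Yahoo host passes only the HELO check.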