[TriLUG] Email Problems
Supple.Joe at epamail.epa.gov
Supple.Joe at epamail.epa.gov
Mon Feb 11 13:48:38 EST 2013
> From: "Lance A. Brown" <lance at bearcircle.net>
> Subject: Re: [TriLUG] Email Problems
> Message-ID: <5118AE75.4040908 at bearcircle.net>
> Content-Type: text/plain; charset=ISO-8859-1
>
> James Jones said the following on 2/8/2013 11:46 AM:> Ron,
> >
> > On one of the member's email, I could not find it in the TRASH or
> > SPAM, but the other's I have no idea.
> >
> > I have asked the second member to check in his trash & spam, but he
> > has not done so. ( I asked by email from a juno.com account )
> >
> > The Verizon.net account doesn't really care since her husband uses
> > gmail, she just reads his copy of the email.
> >
> > jcj
>
>
> Hmmm. I, too, am a TWC customer. I was gone this weekend, got home
> tonite, and just saw this discussion, but do not have the beginning of
> it in my trilug folder. :-| Comparing the list of message IDs from the
> latest mailman archive file for this list, I had only 17 of 52 appear in
> the maillog on my server. I'm missing _most_ of the messages to Trilug
> since Monday, Feb 4th.
>
> Digging further in my logs I discovered that I now have a misconfigured
> DNS RBL in my postfix configuration, a la:
>
> /var/log/maillog.1:Feb 5 14:13:50 circle postfix/smtpd[7511]: NOQUEUE:
> reject: RCPT from pilot.trilug.org[64.244.27.136]: 554 5.7.1 Service
> unavailable; Client host [64.244.27.136] blocked using multi.uribl.com;
> Queries from 24.25.4.58 are restricted due to high volume. See
> http://uribl.com/about.shtml#abuse. Emails blocked due to this response
> are done so incorrectly. Please fix your implementation.;
> from=<trilug-bounces at trilug.org> to=<lance at bearcircle.net> proto=ESMTP
> helo=<pilot.trilug.org>
>
> I'm missing 35 emails from the trilug list and I have exactly 35 lines
> like this in my maillogs, along with lots more for other mail senders.
> :-( Trusting RR to handle my DNS lookups so that I don't have problsm
> with CDNs instead of using OpenDNS or Google's public DNS has just bit
> me in the butt. I've removed multi.uribl.com from my postfix config.
>
> I don't know if this is the OP's problem source or not but figure other
> folks running their own mail service with anti-spam tactics behind RR
> should know about it.
>
> --[Lance]
>
> --
> GPG Fingerprint: 409B A409 A38D 92BF 15D9 6EEE 9A82 F2AC 69AC 07B9
> CACert.org Assurer
Speaking of DNS issues, before people suggest to change to OpenDNS - I see
at
http://cbl.abuseat.org/
the notice below. We use the CBL for Spam filtering.
IMPORTANT WARNING for System Adminstrators using the CBL (2013/02/11)
This applies if you are running a mail server using the CBL and are also
using OpenDNS DNS servers - for example, you have 208.67.222.222 and/or
208.67.222.220 in /etc/resolv.conf files on Linux/UNIX.
Commencing approximately 2013/02/07 (Feb 7) OpenDNS appears to have made a
change such that it started replacing NXDOMAIN results from CBL DNSBL
queries with 67.215.65.132. This the IP address of their domain
spell-checker/search-engine/advertising-monetization web page. This is
known as NXDOMAIN hijacking.
Some mail server's DNSBL query mechanisms/configurations will treat this
as meaning the IP it queried was "listed" in the CBL, but NXDOMAIN is
supposed to mean "not listed". This means that you will lose valid email.
We strongly recommend that you stop using OpenDNS immediately.
Any questions, please reply
_______________________________________
Joseph Supple
NNES - National Notes and Email Support
CSC ITS-EPA Team
Supporting the Environmental Protection Agency
79 TW Alexander Drive, Bldg 4401
Research Triangle Park, NC, 27709
Telephone: 919-767-7278
Fax: 919-767-7506
Email: Supple.Joe at epamail.epa.gov
More information about the TriLUG
mailing list