[CentOS] pop3 attack
Ned Slider
ned at unixmail.co.uk
Fri Mar 13 21:04:25 UTC 2009
James Pifer wrote:
>> The masquerading options are for a different purpose.
>> I'm glad you got it sorted out.
>
>
> Although I'm able to send mail to most people without a problem using
> smarthost, I still have a few that bounce back with errors like:
> Your message was rejected by mail.lance.com for the following reason:
>
> Service unavailable; Client host [cdptpa-omtalb.mail.rr.com] blocked by zen.spamhaus.org; http://www.spamhaus.org/query/bl?ip=70.62.90.185
>
> I'm using the smarthost server that I should be using according to the information:
> define(`SMART_HOST',`smtp-server.carolina.rr.com')dnl
>
Well, according to the headers on this message, your mail does indeed
appear to be correctly routed through your smarthost - in this instance
cdptpa-omtalb.mail.rr.com [75.180.132.122].
It looks to me like the server above is checking all hops against
zen.spamhaus.org rather than just the last external connection - that's
the only reason I can see for it detecting and rejecting your mail
(assuming your smarthost was correctly used to send that mail).
I use zen.spamhaus.org on my server, so you're welcome to send a test
message directly to me off list and see if it bounces or not (you will
get greylisted first for 60 seconds)
> Although I'm in a residential IP range, my connection is Business Class, so sending smtp mail is not restricted (at least contractually).
>
Regardless, as others have pointed out your IP address is still listed
in pbl on zen.spamhaus.org so it's pretty futile trying to send mail
directly.
> Why would I still have this problem if I'm using smarthost? Is there a way to resolve it?
>
It shouldn't if everything is configured correctly. As I said above, to
me it looks more like the receiving server is misconfigured. That might
be intentional, who knows, but they will get FPs as a result from anyone
like yourself who correctly relays mail through their ISP.
More information about the CentOS
mailing list