Re: Connection Filtering rejecting all emails
- From: p.jones+usenet@xxxxxxxxxxxxxx (Peter Jones)
- Date: Fri, 21 Sep 2007 23:03:34 GMT
On Tue, 18 Sep 2007 17:02:23 -0400, "Lanwench [MVP - Exchange]"
<lanwench@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
Peter Jones <p.jones+usenet@xxxxxxxxxxxxxx> wrote:
<snip>
<snip>saying that the originator is on the Blacklist.
Both machine are SBS servers and I have gone over them to make
sure they are not set up differently than the ones I have setup
and are working.
Here is what I have set up:
Display name: Spamhaus
DNS Suffix of Provider: zen.spamhaus.org
I like them....
Customer Error Message to Return: The IP address %0 was rejected
by the Realtime Block List provider %2.
I also like to set up a custom message to return ...saying what
yours does, but appending "....if you believe this is in error,
please call our office at (main phone number)."
I have rules aslso set up for list.dsbl.org, bl.spamcop.net, and
dnsbl.njabl.org.
I wouldn't use those, myself. I use zen.spamhaus.org alone.
I also made sure that the IP
addresses of both my and the problem machines are not on the any
of the blacklists (tested via dnsgoodies.com.)
Maybe that's not the best place to look? Always check on the
blocklist provider's website.
It yields the same results.
Here is the message I get back in the bouce (with some some small
edits):
Your message did not reach some or all of the intended recipients.
Subject: Test for Bounces
Sent: 9/15/2007 11:34 AM
The following recipient(s) could not be reached:
administrator@nopenadanoway on 9/15/2007 11:34 AM
You do not have permission to send to this recipient.
For assistance, contact your system administrator.
<mail.nopenada.com #5.7.1 smtp;550 5.7.1 $$.$$.85.2 has
been blocked by list.dsbl.org>
The message seems pretty clear to me - did you check dsbl.org ?
http://dsbl.org/main
http://dsbl.org/listing
It shows no listing for the IP reported in the email.
Hmmm. Well, I still can't see how this would be a problem with your
Exchange server. I would stop using these RBLs, and just stick with
spamhaus,myself. There's not going to be any useful logging in here,
as far as I know (one of the main reasons I much prefer Vamsoft/ORF)
It doesn't matter which one I have active. They all reject (including
Spamhaus.)
So if you remove *all* except the connection filter for zen.spamhaus.org you
have the same results?
<snip>
Also, what's your domain name?
I know you monitor microsoft.public.exchange2000.admin but for those
who dont...... it comes down to the way DNS resolves the rquests of
the lists.
Posted to microsoft.public.exchange2000.admin
Alright, I got it fixed.
On Thu, 20 Sep 2007 20:53:38 -0400, "Rich Matheisen [MVP]"
<richnews@xxxxxxxxxxxxxxxxxxxxx> wrote:
p.jones+usenet@xxxxxxxxxxxxxx (Peter Jones) wrote:
[ snip ]
It would return a 127.0.0.x if it were on the list. Neither of the IP
addresses tested are. Here is one that isn't on the list either. It
looks just like the two I tested.
72.23.95.12.list.dsbl.orgServer: ns3.mindspring.com
Address: 207.69.188.187
Non-authoritative answer:
Name: 72.23.95.12.list.dsbl.org
Addresses: 209.86.66.92, 209.86.66.93, 209.86.66.94, 209.86.66.95
209.86.66.90, 209.86.66.91
That DNS is broken. Try using another.
Not necessarily broken, just not returning the expected answer.
[ snip ]
I'll keep the IP's to myself.
Suit yourself.
I have other machines configured the
same way that don't reject the mail when Connection Filtering is
configured and turned on. I'd like to know what would cause this
server to be different.
Nothing. It's the DNS you're using that's different.
Earthlink has their DNS set up to resolve unknown requests to a
Earthlink (unknown requst)/search page. What the problem is, IP's that
resolve get filtered and ones that don't resolve go through. Since the
requests all returned requests, all of the mail was rejected.
For example:
A known IP on the block list:
10.221.212.88.zen.spamhaus.orgServer: ns3.mindspring.com
Address: 207.69.188.187
Non-authoritative answer:
Name: 10.221.212.88.zen.spamhaus.org
Address: 127.0.0.2
An IP that isn't on the list should come up like the following:
2.85.xxx.xx.sbl.spamhaus.orgServer: vnsc-bak.sys.gtei.net
Address: 4.2.2.2
*** vnsc-bak.sys.gtei.net can't find 2.85.xxx.xx.sbl.spamhaus.org:
Non-existent
domain
With the Earthlink servers, they resolve to their requests of unknown
names to their own info/search page:
2.85.xxx.xx.zen.spamhaus.orgServer: ns3.mindspring.com
Address: 207.69.188.187
Non-authoritative answer:
Name: 2.85.xxx.xx.zen.spamhaus.org
Addresses: 209.86.66.92, 209.86.66.93, 209.86.66.94, 209.86.66.95
209.86.66.90, 209.86.66.91
The DNS servers I had specified on the server having the issue
followed a similar pattern. Once I changed them to ones that resolved
requests as expected, email flowed and was blocked appropiately.
.
- Follow-Ups:
- Re: Connection Filtering rejecting all emails
- From: Lanwench [MVP - Exchange]
- Re: Connection Filtering rejecting all emails
- References:
- Connection Filtering rejecting all emails
- From: Peter Jones
- Re: Connection Filtering rejecting all emails
- From: Lanwench [MVP - Exchange]
- Re: Connection Filtering rejecting all emails
- From: Peter Jones
- Re: Connection Filtering rejecting all emails
- From: Lanwench [MVP - Exchange]
- Re: Connection Filtering rejecting all emails
- From: Peter Jones
- Re: Connection Filtering rejecting all emails
- From: Lanwench [MVP - Exchange]
- Connection Filtering rejecting all emails
- Prev by Date: Problema desinstalando Exchange 2000
- Next by Date: Re: Connection Filtering rejecting all emails
- Previous by thread: Re: Connection Filtering rejecting all emails
- Next by thread: Re: Connection Filtering rejecting all emails
- Index(es):
Relevant Pages
|
