Message-ID:

Totally illogical, there was no chance. -- Spock, "The Galileo Seven", stardate 2822.3

computers / comp.mail.sendmail / Re: FEATURE dnsbl doesn't do anything

FEATURE dnsbl doesn't do anything

<ujo6m0$1u9mu$1@dont-email.me>

https://www.novabbs.com/computers/article-flat.php?id=879&group=comp.mail.sendmail#879

copy link Newsgroups: comp.mail.sendmail

Path: i2pn2.org!i2pn.org!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: mm+usene...@dorfdsl.de (Marco Moock)
Newsgroups: comp.mail.sendmail
Subject: FEATURE dnsbl doesn't do anything
Date: Thu, 23 Nov 2023 19:46:23 +0100
Organization: A noiseless patient Spider
Lines: 40
Message-ID: <ujo6m0$1u9mu$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Injection-Date: Thu, 23 Nov 2023 18:46:24 -0000 (UTC)
Injection-Info: dont-email.me; posting-host="b66e107a6d43df48baf3e3d8009e01ce";
logging-data="2041566"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX19BqQGdF2LqEm9hq0vw1bpy"
Cancel-Lock: sha1:PN4cgEP6+wjB9uJlVr9tAzrAcso=

by: Marco Moock - Thu, 23 Nov 2023 18:46 UTC

Hello!

On a test system I am trying to implement dnsbl.

Although, there are no DNS lookups at all for it.
Other DNS lookups like PTR are there (verified with a network sniffer).

Also, there is no DNS cache on that system.

divert(0)dnl
define(`_USE_ETC_MAIL_')dnl
include(`/usr/share/sendmail/cf/m4/cf.m4')dnl
VERSIONID(`$Id: sendmail.mc, v 8.17.1.9-2 2023-01-11 23:26:28 cowboy
Exp $') OSTYPE(`debian')dnl
DOMAIN(`debian-mta')dnl
FEATURE(`no_default_msa')dnl
DAEMON_OPTIONS(`Family=inet6, Name=MTA, Port=smtp')dnl
define(`confPRIVACY_FLAGS',
`needmailhelo,noetrn,needexpnhelo,needvrfyhelo,restrictqrun,restrictexpand,nobodyreturn,authwarnings')dnl
define(`confTO_IDENT', `0')dnl define(`confCONNECTION_RATE_THROTTLE',
`15')dnl define(`confCONNECTION_RATE_WINDOW_SIZE',`10m')dnl
FEATURE(`always_add_domain')dnl
FEATURE(nocanonify)dnl
FEATURE(`use_cw_file')dnl
FEATURE(`access_db',, `relaytofulladdress')dnl
FEATURE(`blocklist_recipients')dnl
define(`confBAD_RCPT_THROTTLE',`3')dnl
FEATURE(`dnsbl', `dnsbl-1.uceprotect.net')dnl
MAILER_DEFINITIONS
MAILER(`local')dnl
MAILER(`smtp')dnl

I used ncat 127.0.0.1 25 -s 127.0.0.2 to connect (the dnsbl being used
has that localhost IP listed for testing).

--
kind regards
Marco

Re: FEATURE dnsbl doesn't do anything

<ujpej2$fti$1@news.misty.com>

copy mid

https://www.novabbs.com/computers/article-flat.php?id=880&group=comp.mail.sendmail#880

copy link Newsgroups: comp.mail.sendmail

Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!news.misty.com!.POSTED.veps.esmtp.org!not-for-mail
From: INVALID_...@esmtp.org (Claus Aßmann)
Newsgroups: comp.mail.sendmail
Subject: Re: FEATURE dnsbl doesn't do anything
Date: Fri, 24 Nov 2023 01:07:30 -0500 (EST)
Organization: MGT Consulting
Sender: <ml+sendmail(-no-copies-please)@esmtp.org>
Message-ID: <ujpej2$fti$1@news.misty.com>
References: <ujo6m0$1u9mu$1@dont-email.me>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
Injection-Date: Fri, 24 Nov 2023 06:07:30 -0000 (UTC)
Injection-Info: news.misty.com; posting-host="veps.esmtp.org:155.138.203.148";
logging-data="16306"; mail-complaints-to="abuse@misty.com"
Mail-Copies-To: never
X-Newsreader: trn 4.0-test77 (Sep 1, 2010)
Originator: ca@x2.esmtp.org (Claus Assmann)

by: Claus Aßmann - Fri, 24 Nov 2023 06:07 UTC

Marco Moock wrote:

> FEATURE(`dnsbl', `dnsbl-1.uceprotect.net')dnl

> I used ncat 127.0.0.1 25 -s 127.0.0.2 to connect (the dnsbl being used
> has that localhost IP listed for testing).

What was the SMTP dialogue?
What was logged about it?

--
Note: please read the netiquette before posting. I will almost never
reply to top-postings which include a full copy of the previous
article(s) at the end because it's annoying, shows that the poster
is too lazy to trim his article, and it's wasting the time of all readers.

Re: FEATURE dnsbl doesn't do anything

<ujpm8d$28da2$1@dont-email.me>

copy mid

https://www.novabbs.com/computers/article-flat.php?id=881&group=comp.mail.sendmail#881

copy link Newsgroups: comp.mail.sendmail

Path: i2pn2.org!i2pn.org!news.hispagatos.org!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: mm+usene...@dorfdsl.de (Marco Moock)
Newsgroups: comp.mail.sendmail
Subject: Re: FEATURE dnsbl doesn't do anything
Date: Fri, 24 Nov 2023 09:18:20 +0100
Organization: A noiseless patient Spider
Lines: 53
Message-ID: <ujpm8d$28da2$1@dont-email.me>
References: <ujo6m0$1u9mu$1@dont-email.me>
<ujpej2$fti$1@news.misty.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Injection-Date: Fri, 24 Nov 2023 08:18:21 -0000 (UTC)
Injection-Info: dont-email.me; posting-host="1e908c56a9da317c622bdefa017dd3d8";
logging-data="2372930"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/rauCBvJdRjRMe764iI3yG"
Cancel-Lock: sha1:GirHJO3DazF32SJmzw2v4z3n74Y=

by: Marco Moock - Fri, 24 Nov 2023 08:18 UTC

Am 24.11.2023 um 01:07:30 Uhr schrieb Claus Aßmann:

> Marco Moock wrote:
>
> > FEATURE(`dnsbl', `dnsbl-1.uceprotect.net')dnl
>
> > I used ncat 127.0.0.1 25 -s 127.0.0.2 to connect (the dnsbl being
> > used has that localhost IP listed for testing).
>
> What was the SMTP dialogue?

root@test:/home/m# ncat 127.0.0.1 25 -s 127.0.0.2
220 test.dorfdsl.de ESMTP Sendmail 8.17.1.9/8.17.1.9/Debian-2; Fri, 24 Nov 2023 09:14:24 +0100; (No UCE/UBE) logging access from: [127.0.0.2](FAIL)-[127.0.0.2]
helo localhost
250 test.dorfdsl.de Hello [127.0.0.2], pleased to meet you
mail from:<>
250 2.1.0 <>... Sender ok
rcpt to:<root>
250 2.1.5 <root>... Recipient ok
data
354 Enter mail, end with "." on a line by itself
test
..
250 2.0.0 3AO8EON0000623 Message accepted for delivery
quit
221 2.0.0 test.dorfdsl.de closing connection

> What was logged about it?

Nothing about dnsbl

Nov 24 09:14:40 test sm-mta[623]: 3AO8EON0000623: from=<>, size=5, class=0, nrcpts=1, msgid=<202311240814.3AO8EON0000623@test.dorfdsl.de>, proto=SMTP, daemon=MTA, relay=[127.0.0.2]
Nov 24 09:14:40 test sm-mta[624]: 3AO8EON0000623: to=<root>,
delay=00:00:02, xdelay=00:00:00, mailer=local, pri=30279, dsn=2.0..0, stat=Sent

Config is in the cf file and machine has been restarted since yesterday.

root@test:/home/m# grep dns /etc/mail/sendmail.cf
##### $Id: dnsbl.m4,v 8.34 2013-11-22 20:51:11 ca Exp $ #####
Kdnsbl dns -R A -T<TMP>
# DNS based IP address spam list dnsbl-1.uceprotect.net
R$-.$-.$-.$- $: <?> $(dnsbl $4.$3.$2.$1.dnsbl-1.uceprotect.net. $: OK $)
R<?>$+ $#error $@ 5.7.1 $: "550 Rejected: " $&{client_addr} " listed at dnsbl-1.uceprotect.net"
# FEATURE(`dnsbl', `dnsbl-1.uceprotect.net')dnl

Re: FEATURE dnsbl doesn't do anything

<ujsle6$2p3gj$1@dont-email.me>

copy mid

https://www.novabbs.com/computers/article-flat.php?id=882&group=comp.mail.sendmail#882

copy link Newsgroups: comp.mail.sendmail

Path: i2pn2.org!i2pn.org!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: mm+usene...@dorfdsl.de (Marco Moock)
Newsgroups: comp.mail.sendmail
Subject: Re: FEATURE dnsbl doesn't do anything
Date: Sat, 25 Nov 2023 12:22:45 +0100
Organization: A noiseless patient Spider
Lines: 13
Message-ID: <ujsle6$2p3gj$1@dont-email.me>
References: <ujo6m0$1u9mu$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Injection-Date: Sat, 25 Nov 2023 11:22:46 -0000 (UTC)
Injection-Info: dont-email.me; posting-host="641beee1d63814b784714332a6a1e9f4";
logging-data="2919955"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+5mPvnzZsG/HBzfHI/W5L6"
Cancel-Lock: sha1:hug6/+hUmbWpc0HYcnrCi6RgasI=

by: Marco Moock - Sat, 25 Nov 2023 11:22 UTC

Am 23.11.2023 um 19:46:23 Uhr schrieb Marco Moock:

> FEATURE(`access_db',, `relaytofulladdress')dnl

That was the issue because
Connect:127 RELAY
disabled those checks. I could have known that...

The next strange thing is that it doesn't do dnsbl checks for IPv6,
even when it is an address that isn't listed in accessdb.

Is that behavior normal?

Re: FEATURE dnsbl doesn't do anything

<ujtdl5$bdv$1@news.misty.com>

copy mid

https://www.novabbs.com/computers/article-flat.php?id=883&group=comp.mail.sendmail#883

copy link Newsgroups: comp.mail.sendmail

Path: i2pn2.org!rocksolid2!news.neodome.net!weretis.net!feeder6.news.weretis.net!news.misty.com!.POSTED.veps.esmtp.org!not-for-mail
From: INVALID_...@esmtp.org (Claus Aßmann)
Newsgroups: comp.mail.sendmail
Subject: Re: FEATURE dnsbl doesn't do anything
Date: Sat, 25 Nov 2023 13:16:05 -0500 (EST)
Organization: MGT Consulting
Sender: <ml+sendmail(-no-copies-please)@esmtp.org>
Message-ID: <ujtdl5$bdv$1@news.misty.com>
References: <ujo6m0$1u9mu$1@dont-email.me> <ujsle6$2p3gj$1@dont-email.me>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
Injection-Date: Sat, 25 Nov 2023 18:16:05 -0000 (UTC)
Injection-Info: news.misty.com; posting-host="veps.esmtp.org:155.138.203.148";
logging-data="11711"; mail-complaints-to="abuse@misty.com"
Mail-Copies-To: never
X-Newsreader: trn 4.0-test77 (Sep 1, 2010)
Originator: ca@x2.esmtp.org (Claus Assmann)

by: Claus Aßmann - Sat, 25 Nov 2023 18:16 UTC

Marco Moock wrote:

> The next strange thing is that it doesn't do dnsbl checks for IPv6,

> Is that behavior normal?

Yes, the rules work only for IPv4 addresses.

Subject	Author
FEATURE dnsbl doesn't do anything	Marco Moock
Re: FEATURE dnsbl doesn't do anything	Claus Aßmann
Re: FEATURE dnsbl doesn't do anything	Marco Moock
Re: FEATURE dnsbl doesn't do anything	Marco Moock
Re: FEATURE dnsbl doesn't do anything	Claus Aßmann