postfix-users October 2010 archive
Main Archive Page > Month Archives  > postfix-users archives
postfix-users: Re: Posfix: deliver to spam folder analog of reje

Re: Posfix: deliver to spam folder analog of reject_rbl_client

From: Покотиленко Костик <casper_at_nospam>
Date: Thu Oct 28 2010 - 09:37:43 GMT
To: postfix-users@postfix.org

Hehe, noticed I've got just 2 replies on my thread from Noel Butler,
rest is missing:

.........
Oct 28 11:30:50 darkstar postfix/smtpd[17528]: NOQUEUE: reject: RCPT
from camomile.cloud9.net[168.100.1.3]: 554 5.7.1 Service unavailable;
Client host [168.1
00.1.3] blocked using spam.dnsbl.sorbs.net;
from=<owner-postfix-users@postfix.org> to=<casper@meteor.dp.ua>
proto=ESMTP helo=<camomile.cloud9.net>
.........

# grep NOQUEUE mail.log | grep 'postfix-users' | wc -l
41

This is 2 days log, I missed 41 message from this list. I've started to
think I'm ignored on this list, but no, this is just SORBS ignores one
of list's server.

Now I have to copy/past from the web archives to continue the thread.

В Чтв, 28/10/2010 в 14:28 +1000, Noel Butler пишет:
> On Wed, 2010-10-27 at 22:15 -0400, John Peach wrote:
> > On Thu, 28 Oct 2010 11:17:00 +1000
> > Noel Butler <noel.butler@ausics.net> wrote:
> >
> > > On Tue, 2010-10-26 at 14:11 +0300, Покотиленко Костик wrote:
> > >
> > >
> > >
> > > > sorbs.net is very agressive, many ISPs get blocked for several years and
> > > > are not willing to delist b/c sorbs doesn't offer free delist for them.
> > > >
> > >
> > >
> > > That is complete FUD, yes, I know what their website says, but knowing
> > > the people behind them I can assure you it has never been demanded, it
> > > is a deterrent, a request to their ticketing system is all it takes to
> > > get out, please don't fall for the mistruths by those who have been in
> > > SORBS, infact, better to ask yourself why they were in there in the
> > > first place.
> > >
> >
> > ... because we have so-called educated professionals who fall for
> > phishing scams on a regular basis, despite regular warnings about the
> > same.
>
>
> Right, so, how is THAT a false positive, it is a justifiable listing
> if they became part of the problem.
>
> I have an automated script that runs over all of our mail servers log
> files daily searching for IP's that send to
> known spamtrap addresses and also on my private server (this domain),
> addresses that never existed, and can't exist (marked as 'baduser' in
> our adduser scripts), those it finds are automatically entered into
> our local DNSBL which is used by other Uni's, ISP's and corporations
> over here, publicly accessible, but not advertised. I get a daily diff
> so I see the new entries, but I don't review/host/whois them, its just
> an interesting "count how many new entries" really and its typically 8
> to 15 a day, and, AFAIC, they can stay in there forever because they
> are clearly miscreants.
>
-- Покотиленко Костик <casper@meteor.dp.ua>