sslug-teknik team mailing list archive

Thread
Date

Spammails slipper igennem block-lists

To: sslug-teknik@xxxxxxxx
From: "Steen" <steen-sslug@xxxxxxxxxx>
Date: Mon, 15 Aug 2005 07:26:09 +0200
Delivered-to: mailing list sslug-teknik@xxxxxxxx
Mailing-list: contact sslug-teknik-help@xxxxxxxx; run by ezmlm
Newsgroups: sslug.teknik
Organization: SSLUG

Jeg kører Postfix og har et antal block-lists komfigureret i main.cf for at 
undgå spam:

smtpd_recipient_restrictions = ...,
        reject_rbl_client relays.ordb.org,
        reject_rbl_client list.dsbl.org,
        reject_rbl_client multihop.dsbl.org,
        reject_rbl_client sbl-xbl.spamhaus.org,
        reject_rbl_client cbl.abuseat.org,
        reject_rbl_client opm.blitzed.org,
        reject_rbl_client combined.njabl.org,
        reject_rbl_client no-more-funn.moensted.dk,
        reject_rbl_client dnsbl.sorbs.net,
        ...

Det virker for det meste også fint, hvilket jeg kan se på de mails Postfix 
sender om de fejl der genereres. Ekssempelvis:

=====================
Transcript of session follows.

 Out: 220 cpe.atm4-0-1131176.0x50a384e6.bynxx9.customer.tele.dk ESMTP 
Postfix
 In:  HELO pcp0011369741pcs.pimaco01.az.comcast.net
 Out: 250 cpe.atm4-0-1131176.0x50a384e6.bynxx9.customer.tele.dk
 In:  MAIL FROM:<ho-chi@xxxxxxxxxxxxxx >
 Out: 250 Ok
 In:  RCPT TO:<mailadresse>
 Out: 554 Service unavailable; Client host [69.242.227.16] blocked using
     sbl-xbl.spamhaus.org; http://www.spamhaus.org/query/bl?ip=69.242.227.16

Session aborted, reason: lost connection
====================

Men ind imellem slipper der alligevel en spam eller to igennem. Når jeg 
checker client-ip på
http://openrbl.org/client/
så findes ip'en i block-listen.

Hvordan kan det gå til, at en spam alligevel smutter igennem?
Jeg er klar over, at der er en mulighed for, at eksempelvis 
sbl-xbl.spamhaus.org er nede, men kan der være andre forklaringer?

/Steen

Follow ups

Re: Spammails slipper igennem block-lists
From: Jesper Krogh, 2005-08-15