[Mimedefang] Re: bounce check with sendmail and md_check_against
Wayne
wayne at hamilton.net
Thu Nov 30 14:00:54 EST 2006
It seems to be SPAM. The problem I have is why did this just fail with
md_check. Here is an example of the reject I get in my postmaster account.
I don't know why it was rejected to r3ay8.net.upc.cz before I even got the
message.
Wayne
Return-Path: <MAILER-DAEMON>
Received: from localhost (localhost)
by smtp2.hamilton.net (8.13.8/8.13.8) id kAUIDIlV069493;
Thu, 30 Nov 2006 12:13:18 -0600 (CST)
Date: Thu, 30 Nov 2006 12:13:18 -0600 (CST)
From: Mail Delivery Subsystem <MAILER-DAEMON>
Message-Id: <200611301813.kAUIDIlV069493 at smtp2.hamilton.net>
To: <custsupport_88585 at 53.com>
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
boundary="kAUIDIlV069493.1164910398/smtp2.hamilton.net"
Subject: Returned mail: see transcript for details
Auto-Submitted: auto-generated (failure)
This is a MIME-encapsulated message
--kAUIDIlV069493.1164910398/smtp2.hamilton.net
The original message was received at Thu, 30 Nov 2006 12:13:17 -0600 (CST)
from r3ay8.net.upc.cz [213.220.242.8]
----- The following addresses had permanent fatal errors -----
<shawnac at hamilton.net>
(reason: 550 shawnac at hamilton.net unknown user account)
----- Transcript of session follows -----
... while talking to mail.hamilton.net.:
>>> DATA
<<< 550 shawn22 at hamilton.net unknown user account
550 5.1.1 <shawn22 at hamilton.net>... User unknown
<<< 554 no valid RCPT address specified
--kAUIDIlV069493.1164910398/smtp2.hamilton.net
Content-Type: message/delivery-status
Reporting-MTA: dns; smtp2.hamilton.net
Received-From-MTA: DNS; r3ay8.net.upc.cz
Arrival-Date: Thu, 30 Nov 2006 12:13:17 -0600 (CST)
Final-Recipient: RFC822; shawn22 at hamilton.net
Action: failed
Status: 5.1.1
Remote-MTA: DNS; mail.hamilton.net
Diagnostic-Code: SMTP; 550 shawn22 at hamilton.net unknown user account
Last-Attempt-Date: Thu, 30 Nov 2006 12:13:18 -0600 (CST)
--kAUIDIlV069493.1164910398/smtp2.hamilton.net
Content-Type: message/rfc822
Return-Path: <custsupport_88585 at 53.com>
Received: from r3ay8.net.upc.cz (r3ay8.net.upc.cz [213.220.242.8])
by smtp2.hamilton.net (8.13.8/8.13.8) with ESMTP id kAUID6lV069340
for <shawnac at hamilton.net>; Thu, 30 Nov 2006 12:13:17 -0600 (CST)
Received: from vpokojiku (vpokojiku [213.220.242.8])
by vpokojiku (8.12.8p1/8.12.8) with ESMTP id i7A2B709F62958
for <shawnac at hamilton.net>; Thu, 30 Nov 2006 20:13:08 +0100
(envelope-from custsupport_88585 at 53.com)
Date: Thu, 30 Nov 2006 20:13:08 +0100
From: Fifth Third Bank 2006 <custsupport_88585 at 53.com>
Reply-To: "<custsupport_88585 at 53.com>" <custsupport_88585 at 53.com>
X-Priority: 3 (Normal)
Message-ID: <268073272.20061130191308 at 53.com>
To: shawn22 at hamilton.net
Subject: Fifth Third Bank: details confirmation
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----------0E34523B878DC5BB"
X-Spam-XXXXXXXXXXXXXXXXX: SPAM hits=17.227
X-Spam-Report: pts rule name description
---- ---------------------- --------------------------------------------------
0.3 SPOOF_OURI URI: URI has items in odd places
2.5 SARE_SPOOF_COM2COM URI: a.com.b.com
0.5 SPOOF_COM2OTH URI: URI contains ".com" in middle
1.7 BIZ_TLD URI: Contains an URL in the BIZ top-level domain
0.6 HTML_90_100 BODY: Message is 90% to 100% HTML
0.0 HTML_MESSAGE BODY: HTML included in message
0.4 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
2.8 HTML_IMAGE_ONLY_04 BODY: HTML: images with 0-400 bytes of words
2.3 HTML_SHORT_LINK_IMG_1 HTML is very short with a linked image
3.0 SARE_FORGED_53 SARE_FORGED_53
X-Scanned-By: MIMEDefang 2.58 on 208.6.238.6
----- Original Message -----
From: "Scott Silva" <ssilva at sgvwater.com>
To: <mimedefang at lists.roaringpenguin.com>
Sent: Thursday, November 30, 2006 12:39 PM
Subject: [Mimedefang] Re: bounce check with sendmail and md_check_against
> Wayne spake the following on 11/30/2006 10:04 AM:
>> Hello All,
>>
>> I know everyone has probably figured this out but me. I am using
>> md_check_against_smtp_server on my mimedefang server to check usernames
>> before sending the mail to my server. I seem to have a lot of bounce
>> messages that get sent from my server with invalid from addresses. I
>> know there are some that are being rejected because of full mail boxes
>> and I can understand those but I have messages that are being rejected
>> by unknown user and then the bounce fails. These end up in my postmaster
>> account. I have also notice that at times AOL or some other provider
>> will black hole me for this. I don't know why these messages don't get
>> rejected by md_check_against_smtp_server. How do I keep my server to
>> discard these messages without trying to send them?
>>
>> Thanks in Advance
>> Wayne
>>
> What exactly are you bouncing?
> Do you do content scanning at the MX or only on the main server?
> If you are bouncing things like spam or viruses, you will get blacklisted
> often.
>
> --
>
> MailScanner is like deodorant...
> You hope everybody uses it, and
> you notice quickly if they don't!!!!
>
> _______________________________________________
> NOTE: If there is a disclaimer or other legal boilerplate in the above
> message, it is NULL AND VOID. You may ignore it.
>
> Visit http://www.mimedefang.org and http://www.roaringpenguin.com
> MIMEDefang mailing list MIMEDefang at lists.roaringpenguin.com
> http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
>
More information about the MIMEDefang
mailing list