Jump to content

ckuka

Members
  • Content Count

    11
  • Joined

  • Last visited

Posts posted by ckuka


  1. Please tell me what host IP I used on: Jul 27 2006, 10:52 AM

    199.79.137.84

    I believe I was using the same one as I was for the njabl message right after you posted your njabl blocked test.

    After the first connection you were using 66.168.115.246

    So many in fact we needed to turn off the feature. Perhaps things have improved in this area.

    Spamcop is just the first were I realize problems - all other blocks because of this reason was spam.

    So I'll leave on, let's see.

    Christoph


  2. Sure would be nice to know exactly what you say that others know about .... perhaps what you actually did, as the "removed a HELO rule" doesn't really strike a chord for me .....

    I'm running Postfix, so in my main.cf I commented out "reject_unknown_hostname" from either "smtpd_recipient_restrictions =" or "smtpd_helo_restrictions =". Forced a Postfix reload, and then in spamcop mailhosts I added my server. After that i put that restriction back in the main.cf, postfix reload, everything fine.

    Regarding the wrong helo from spamcop: When adding a new Mailhost Spamcop sends a mail to that server connecting from sc-app5.ironport.com but says "helo sc-app5.soma.ironport.com" which doesn't fit. Postfix therefore answers "Helo command rejected: Host not found;". That's the point. "Don" (Spamcop admin?) told me, they're working on it ...

    Maybe that helps ...

    Christoph


  3. My only point is that does NOT seem to be a njabl block. That was copied directly from my telnet screen.

    I am glad you got your problem resolved, but I did get different replies using the same host and the same commands.

    Steven,

    you used two different hosts for telnet access, one is part of a njabl blocked network the other is not. with the host not beeing blocked you got the error above, but I can't see a second try from this host in my logs. All other attempts where coming from the blocked host.

    Christoph


  4. Things are now clear for me: Spamcop uses a different helo command in relation to the host that actually connects, maybe this is some kind of forgotten setting from a former server change. :unsure:

    So I took out the helo rule for some minutes to complete the mailhosts configuration, that worked.

    Spamcop Admins know about this issue, they say they're working on it - so maybe others won't have that problem in the future.

    What made me thought about my configuration is, that others don't seem to have that problem - does helo not play a role in preventing unwanted mail? I don't know.

    So far - thanks a lot for all that good thoughts especially to steven!

    Cu,

    Christoph


  5. That is not necessary though would probably be reccomended. The host I used (underwood.spamcop.net) does not even exist, yet is accepted it. It almost seems like kukaserver.de is responding differently to spamcop's server than to my manual tests.

    It is not. You were doing different things. I can see three attempts connecting with underwood.spamcop.net all of them where blocked because of the IP range being listed at njabl. You can't know if you would have been accepted, because you where listed in njabl. The check for a correct helo comes beyond that, even if you receive a 250 for your helo.

    Here's a session I did from a host that's not part of a dynamic IP network sending a wrong helo like spamcop does:

    1484-1:~ # telnet kukaserver.de 25

    Trying 212.227.20.16...

    Connected to kukaserver.de.

    Escape character is '^]'.

    220 kukaserver.de ESMTP

    helo foo.bar

    250 kukaserver.de

    mail from: root[at]1484-1.1st-housing.de

    250 Ok

    rcpt to: web1p1[at]kukaserver.de

    450 <foo.bar>: Helo command rejected: Host not found

    If everything is fine it looks like this (same host, right helo):

    helo 1484-1.1st-housing.de

    250 kukaserver.de

    mail from: root[at]1484-1.1st-housing.de

    250 Ok

    rcpt to: web1p1[at]kukaserver.de

    250 Ok

    data

    354 End data with <CR><LF>.<CR><LF>

    foo bar.

    .

    250 Ok: queued as A92D04001E3

    There was one other connection trying to send a mail from underwood[at]spamcop.net but that connection came from kopinproxy.kopin.com which is not listed in njabl because of not being part of a dynamic IP range. that's why you got different answers. BTW the attempt via the proxythingy domain was testing if the server accepts email sent to unknown recipients and got an error message therefor.

    So far, there're some things I'm sure about: Spamcop tries to send mailhosts mail via a helo command that is some kind of wrong in relation to the host it connects from. My server doesn't accept such connections and I'm not thinking that's wrong in the moment (please tell me why that is a not so good behavior :unsure: ). Also, all attempts I know from where you were connecting to my server have failed because of the different reasons mentioned above.

    So, we are where we were. As far as I know my server is behaving correct - why does Spamcop Mailhosts send a wrong helo? That's all we have to know about. If that could be fixed everyone would be happy. Is there a reason for doing this?

    Yes, I have a different IP address, but I have the same address I had a few days ago and when I originally did the test I did not get the njabl message, yet after you mentioned it, I tried again and did get the njabl message, so something changed on the SMTP server kukaserver.de

    see above. nothing changed - you can be sure.

    Thank you for your work on this.

    Christoph


  6. [at]Steven,

    Yes, I was showing that the server responded correctly when I did the test (the help was a typo, btw) but spamcop got an error during the same command when it tried. Did you re-try to send the probe and have it fail again? You never answered that question.

    Absolut! Many times! What I found in the mail log:

    Jul 30 23:22:49 kukaserver postfix/smtpd[25332]: connect from sc-app5.ironport.com[204.15.82.24]

    Jul 30 23:22:54 kukaserver postfix/smtpd[25332]: NOQUEUE: reject: RCPT from sc-app5.ironport.com[204.15.82.24]: 450 <sc-app5.soma.ironport.com>: Helo command rejected: Host not found; from=<service[at]admin.spamcop.net> to=<spamcop[at]kuka.tv> proto=SMTP helo=<sc-app5.soma.ironport.com>

    Why does spamcop do a wrong "helo"? It inserts a "soma." in the address, postfix tries to resolve this, but he can't, because this host doesn't exist. The host connecting should be identical to the host mentioned in the helo command, shouldn't it? So, without the "soma." it should work, or am I understanding something wrong? :unsure:

    Also, the 554 Service unavailable; Client host [88.73.199.135] blocked using dynablock.njabl.org; Dynamic/Residential IP range listed by NJABL dynablock - http://njabl.org/dynablock.html

    is new because I get that now, but did not previously.

    Why do you get that answer - you should have a different IP? (Am I misunderstanding you?)

    [at]Wazoo

    Yet when you registered here (and assumedly reading before/after posting) .... you chose to use this address you didn't want to "tell the world" ... it's showing in big, bold, black letters on my screen ....????

    Please see Spammers love Forum name = e-mail address

    You're so right - I realized that seconds after posting the first time ... - I wish could change the Username ...

    :blush:

    Christoph


  7. Steve,

    I tried to do the same session you did.

    Mine looked as follows:

    220 kukaserver.de ESMTP

    helo foo.bar

    502 Error: command not implemented

    helo foo.bar

    250 kukaserver.de

    mail from

    501 Syntax: MAIL FROM: <address>

    mail from: foo[at]bar.foo

    250 Ok

    rcpt to: web1p1[at]kukaserver.de

    554 Service unavailable; Client host [88.73.199.135] blocked using dynablock.njabl.org; Dynamic/Residential IP range listed by NJABL dynablock - http://njabl.org/dynablock.html

    (blocking occurs because of accessing from an dial-in account.)

    so it shows that the first helo command always gets a 502 error, but when entered again it acks with an 250 - I don't know if this is normal behavior, maybe it's because I'm accessing via putty, it's an postfix standart-installation and I'm getting email everyday ...

    The red line below is the one the error message is saying it did not receive. Lines in blue are my input.

    telnet kukaserver.de 25

    220 kukaserver.de ESMTP

    help underwood.spamcop.net

    250 kukaserver.de

    why is this an error? shouldn't it be that way? a 250 is an acknowledgement, isn't it?

    christoph


  8. Steve,

    thank you for your reply.

    Not a lot of data to work with,

    so: what data you need? I was just aware of telling the world my email address ...

    so I'll do it now - please tell me if I should take it out again to protect myself ... it is spamcop et kuka dot tv or

    web1p1 et kukaserver dot de ...

    hope that helps.

    telnet kukaserver.de 25

    220 kukaserver.de ESMTP

    help underwood.spamcop.net

    250 kukaserver.de

    I think that's a correct response because you should use "helo" instead of "help", don't you?

    What you think?

    Christoph


  9. Hello all,

    I hope someone will help me.. here are the Details:

    Since I changed the server, the IP address changed and other things too, so I decided to delete all my mailhosts and start over.

    I typed in my address at "foo[at]bar.com" gave it a name "bar" and on the next page the proper MX showed up: "bar.com (10)".

    So I continued to the next page where I to read this:

    Sorry, all tests failed.

    We cannot deliver mail to the address you provided: foo[at]bar.com. Double check the address provided or try again later. Your mailhost appears to be offline.

    Detailed errors:

    Connecting to kukaserver.de.:

    smtpSend:smtpEnvelope (service[at]admin.spamcop.net, foo[at]bar.com): smtpTo rcpt to:foo[at]bar (450 : Helo command rejected: Host not found )

    Sometimes, mailservers are temporarilly unavailable. If you believe you have entered your email address and other details correctly, you might just wait a few minutes (or 24 hours) and try again.

    This hard to understand for me, since I'm receiving mails on the server all the time, from spamcop too - so, here's the question (took a time, ehh?):

    What am I doing wrong?

    Thanks a lot!

    Christoph

×