[ctw] Re: yahoo's blacklisted (Now its Spoofed or Forged)

  • From: Tom Shaw <tshaw@xxxxxxxx>
  • To: ctw@xxxxxxxxxxxxx
  • Date: Sat, 14 Mar 2009 12:49:18 -0400

To work off flat files:

http://127.0.0.1:55555/#localDomains to enter domains.
http://127.0.0.1:55555/#DoLocalSenderDomain check
http://127.0.0.1:55555/#ldLDAP uncheck
http://127.0.0.1:55555/#LocalAddresses_Flat to enter addresses or @domains.
http://127.0.0.1:55555/#DoLDAP uncheck

If you want to continue to try ldap
http://127.0.0.1:55555/#ldLDAPFilter (email=postmaster@DOMAIN)

I am trying a work around to get around EIMS poor LDAP implementation

At 11:11 AM -0500 3/14/09, webcatalog@xxxxxxx wrote:

I do have my domain local domains folder, but I stiill get tagged.

        Spam [ForgedLocalSender][testmode] mail testing
I had to turn off the ldap check all together and just use the local exported file 


On Mar 13, 2009, at 4:13 PM, Tom Shaw wrote:


OK
Here's what to do. You can 1) load the flat file database with your domains (http://127.0.0.1:55555/#localDomains), 2) ignor the local domain check (NOT RECOMMENDED) http://127.0.0.1:55555/#nolocalDomains, 3) Turn on domain LDAP check http://127.0.0.1:55555/#ldLDAP . Then go to http://127.0.0.1:55555/#nolocalDomains and enter (email=postmaster@DOMAIN)
I didn't notice this because I was running with flat file domains. I have been wrestling with this all day since LDAP queries for domain names did not work! Turns out that Glenn never implemented a LDAP query response for domains. I finally came up with the above workaround.
Sorry it took so long. I'll post a new cfg file later later and you can compare with what you have now. 

Tom

At 12:57 PM -0500 3/13/09, webcatalog@xxxxxxx wrote:

OK I turned off the spoof test and now they are marked as
[ForgedLocalSender]
somehow it thinks every outside sender is a local sender. Do I have a localdomains file screwed up or what? 





On Mar 13, 2009, at 12:26 PM, webcatalog@xxxxxxx wrote:


Can someone tell me how the spoof test works?
Every email that comes in is getting marked as spoof and I must have something wrong with my setup. 

On Mar 13, 2009, at 11:09 AM, webcatalog@xxxxxxx wrote:
OK I figured it out I still had something turned on and somehow my smtp(assp) machine was blocked ugh!
so I sent and email from yahoo and it works but I am still getting that the sender is spoofed. 

why would that be?

        From:   esa_tikanen@xxxxxxxxx
        Subject:        Spam [SpoofedSender][testmode] mail testing 123

        Date:   March 13, 2009 11:07:17 AM CDT

        To:     bobo@xxxxxxxxxxxxxxxxx


On Mar 13, 2009, at 10:46 AM, webcatalog@xxxxxxx wrote:


Additionally this is in my log, which tells me nothing!
Mar-13-09 10:43:11 Connected: 66.96.207.220:3074 -> 65.175.90.136:25 -> 65.175.90.131:25 Mar-13-09 10:43:11 Disconnected: 66.96.207.220 

On Mar 13, 2009, at 8:32 AM, webcatalog@xxxxxxx wrote:


<bob@xxxxxxxxxxxxx>:
65.175.90.136 does not like recipient.
Remote host said: 550 5.7.0 your server is blacklisted
Giving up on 65.175.90.136.

ugh! how do I cure this!

Circle The Wagons
manage: //www.freelists.org/list/ctw post: mailto:ctw@xxxxxxxxxxxxx
unsubscribe: mailto:ctw-request@xxxxxxxxxxxxx?subject=unsubscribe
search: //www.freelists.org/archives/ctw
faq: //www.freelists.org/wiki/the_faq


Circle The Wagons
manage: //www.freelists.org/list/ctwpost: mailto:ctw@xxxxxxxxxxxxx
unsubscribe: mailto:ctw-request@xxxxxxxxxxxxx?subject=unsubscribe
search: //www.freelists.org/archives/ctw
faq: //www.freelists.org/wiki/the_faq


Circle The Wagons
manage: //www.freelists.org/list/ctwpost: mailto:ctw@xxxxxxxxxxxxx
unsubscribe: mailto:ctw-request@xxxxxxxxxxxxx?subject=unsubscribe
search: //www.freelists.org/archives/ctw
faq: //www.freelists.org/wiki/the_faq


Circle The Wagons
manage: //www.freelists.org/list/ctwpost: mailto:ctw@xxxxxxxxxxxxx
unsubscribe: mailto:ctw-request@xxxxxxxxxxxxx?subject=unsubscribe
search: //www.freelists.org/archives/ctw
faq: //www.freelists.org/wiki/the_faq


Circle The Wagons
manage: //www.freelists.org/list/ctwpost: mailto:ctw@xxxxxxxxxxxxx
unsubscribe: mailto:ctw-request@xxxxxxxxxxxxx?subject=unsubscribe
search: //www.freelists.org/archives/ctw
faq: //www.freelists.org/wiki/the_faq



--
Tom Shaw - Chief Engineer, OITC
<tshaw at oitc.com>, http://www.oitc.com/ local wx: http://www.oitc.com/weather US Phone Numbers: 321-984-3714, 321-729-6258(fax), 321-258-2475(cell/voice mail,pager) 
Text Paging: http://www.oitc.com/Pager/sendmessage.html
AIM/iChat: trshaw@xxxxxxx

Fish more and Live longer
Circle The Wagons
manage: //www.freelists.org/list/ctw post: mailto:ctw@xxxxxxxxxxxxx
unsubscribe: mailto:ctw-request@xxxxxxxxxxxxx?subject=unsubscribe
search: //www.freelists.org/archives/ctw
faq: //www.freelists.org/wiki/the_faq


Circle The Wagons
manage: //www.freelists.org/list/ctwpost: mailto:ctw@xxxxxxxxxxxxx
unsubscribe: mailto:ctw-request@xxxxxxxxxxxxx?subject=unsubscribe
search: //www.freelists.org/archives/ctw
faq: //www.freelists.org/wiki/the_faq



--
Tom Shaw - Chief Engineer, OITC
<tshaw at oitc.com>, http://www.oitc.com/ local wx: http://www.oitc.com/weather
US Phone Numbers: 321-984-3714, 321-729-6258(fax), 321-258-2475(cell/voice mail,pager) 
Text Paging: http://www.oitc.com/Pager/sendmessage.html
AIM/iChat: trshaw@xxxxxxx

Fish more and Live longer
Circle The Wagons
manage: //www.freelists.org/list/ctw post: mailto:ctw@xxxxxxxxxxxxx 
unsubscribe: mailto:ctw-request@xxxxxxxxxxxxx?subject=unsubscribe
search: //www.freelists.org/archives/ctw
faq: //www.freelists.org/wiki/the_faq

Other related posts:

  1. Home
  2. ctw
  3. Archive
  4. 03-2009