This is spamd and greyscanner on current/macppc.
Generally, it works very well for me.
Recently, I see greyscanner trapping hosts that try to
"mail from sender with no MX or A", such as
Dec 26 17:21:13 www greyscanner[31861]: Trapped 87.219.109.249:
Mailed from sender bernina.co.il with no MX or A
That's a spammer alright, a typical mail from there looks like
(GREY) 87.219.109.249: <surchargeg...@bernina.co.il> -> <xyfstare...@stare.cz>
However, there _is_ a MX and A record for bernina.co.il:
$ host -t a bernina.co.il
bernina.co.il has address 62.90.102.9
$ host -t mx bernina.co.il
bernina.co.il mail is handled by 20 mx5.adcd.co.il.
bernina.co.il mail is handled by 10 mx4.adcd.co.il.
So there is something wrong. Same way, gmail.com got trapped:
Dec 26 20:54:32 www greyscanner[12163]: Trapped 209.85.215.177: Mailed
from sender gmail.com with no MX or A
Needless to say, there are MX and A records for gmail.com
(and there must have been at Dec 26 20:54:32 too).
What could be causing this? DNS resolving works fine on this machine.
Could it be that for some reason, greyscanner failed to resolve
at that precise moment? Can the "$DNS_SOCK_MAX = 50;" setting
have something to do with it?
Is anyone else seeing this?
Jan
