esses are producing very well over 100
times the quota, considering the 100'000 queries/day limit.
The alternative (and very limited) use of the "returnhi" flag as seen in
this situation, only happens as a last resort, like e.g. after months
with no signs of remorse/remediation.
--
Med venlig hilsen / Kind regards,
Arne Jensen
gle.com
2. dig TXT whoami-ecs.v6.powerdns.org
3. dig TXT whoami-ecs.v4.powerdns.org
And provide a response with their outputs.
--
Med venlig hilsen / Kind regards,
Arne Jensen
d reject
parameter on it's own.
The majority of them also shows the classic dynamic/generic looking PTR
records, which is also a good reject parameter on it's own.
--
Med venlig hilsen / Kind regards,
Arne Jensen
ou see was sent from Gmail, relayed over your friend's server
(which is/was at medium), and then finally hitting yours, and that you
do not have set your friend's server as one of your trusted ones, the
DNSWL check will be done on your friend's server, ending up with
flagging the mes
server for the zone.
That "returnhi" option is only used for a minority, and only in the very
extreme cases where other attempts have been tried, but with no positive
success for a long while, - which is also being mentioned in the link
from the top of this post.
In the end, there is no perfect solution that simply works for everyone,
and everything, at once.
It would of course be nice, ... if there was...
--
Med venlig hilsen / Kind regards,
Arne Jensen
x.ch <mailto:mau...@gmx.ch>
>
> X-GMX-Antispam: 5 (nemesis mail header analyzer); Detail=V3;
>
> X-Spam-Flag: YES
>
> X-UI-Filterresults: junk:10;V03:K0:oQ58xS3PZ3o=:ui
>
> X-UI-Loop:V01:NQ+uvMhGdNE=:SW
>
> X-Spam-Flag: NO
>
From your own snippet of headers, as you can see above, it appears like
you are having two different X-Spam-Flag's to match against, which will
cause some complications and potentially unpredictable results...
--
Med venlig hilsen / Kind regards,
Arne Jensen
ng false positives with DNSWL?
- Again, maybe you should put up the FULL MESSAGE, instead of only
partial / munged headers?
Maybe then, and only then, there would be much more suggestions for how
to proceed.
--
Med venlig hilsen / Kind regards,
Arne Jensen
indicating RCVD_IN_DNSWL_HI,
but with none of the IP's mentioned being listed at RCVD_IN_DNSWL_HI.
If you happen to know of any of such definitive "problematic sources"
that are listed, I suggest you report them ASAP, including any kind of
evidence/proof you may have of your claims.
--
Med venlig hilsen / Kind regards,
Arne Jensen
l, or even better: The full message in question?
--
Med venlig hilsen / Kind regards,
Arne Jensen
Den 31-01-2021 kl. 21:11 skrev Riccardo Alfieri:
>
> On 1/31/21 8:28 PM, Arne Jensen wrote:
>
>> Spamhaus (blacklist) will return 127.255.255.x responses, if you're
>> over quota, using public resolvers or otherwise incorrect queries.
>>
>>
> this is not
Den 31-01-2021 kl. 18:43 skrev Matus UHLAR - fantomas:
> On 31.01.21 16:30, Arne Jensen wrote:
>> If this one causes false positives for anyone, then that actual
>> person/organisation (obviously, MX operator side) that it causes false
>> positives for, are the one to blame.
Den 31-01-2021 kl. 16:52 skrev RW:
> On Sun, 31 Jan 2021 16:30:21 +0100
> Arne Jensen wrote:
>
>
>> If everyone had done proper return code checking, e.g. response =
>> 127.0.0.2, and not been triggering on anything else, then everyone's
>> mail systems would h
want to check the actual registrar
whois server (e.g. whois.enom.com) for the actual expiration date from
the registrar. That one still says 2021-01-30.
--
Med venlig hilsen / Kind regards,
Arne Jensen
13 matches
Mail list logo
