Arvid Ephraim Picciani wrote:
Hi, so again some understanding issue:
I just got a mail from some Gmail user.
It got 5.1 points:
1.6 TVD_RCVD_IP TVD_RCVD_IP
1.7 RCVD_IN_NJABL_PROXY RBL: NJABL: sender is an open proxy
[201.20.219.97 listed in combined.njabl.org]
0.0 RCVD_IN_SORBS_HTTP RBL: SORBS: sender is open HTTP proxy server
[201.20.219.97 listed in dnsbl.sorbs.net]
-0.0 SPF_HELO_PASS SPF: HELO matches SPF record
-0.0 SPF_PASS SPF: sender matches SPF record
0.0 HTML_MESSAGE BODY: HTML included in message
1.7 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
0.1 RDNS_DYNAMIC Delivered to trusted network by host with
dynamic-looking rDNS
That's pretty weird, because OF COURSE that's a dynamic IP he sent the mail
from. I mean, you can't ssh into your server and mail from there. And I don't
get why SORBS is listing it, if it's dynamic. Anyone could have that IP.
So what am I missing here? Why is SA complaining about the first Received
field being dynamic while IMHO that's kind of what it should be like. Most
spam doesn't come from MUAs.
Does that mean I should tell my MTA to not expose my IP to other MTAs so they
don't think it's spam from a dynip?
Received: from 66-211-213-17.velocity.net ([66.211.213.17] helo=archlinux.org)
by samir.ibcsolutions.de with esmtp (Exim 4.68)
(envelope-from <[EMAIL PROTECTED]>)
id 1JffAx-0000EQ-Ng

That's a generic rDNS host sending email directly. A lot of spam comes
this way...

for [EMAIL PROTECTED]; Sat, 29 Mar 2008 10:49:07 -0700
Received: from [127.0.0.1] (helo=66-211-213-17.velocity.net)
by archlinux.org with esmtp (Exim 4.68)
(envelope-from <[EMAIL PROTECTED]>)
id 1JfeD1-0004Rl-FR; Sat, 29 Mar 2008 12:47:11 -0400
Received: from py-out-1112.google.com ([64.233.166.176])
by archlinux.org with esmtp (Exim 4.68)
(envelope-from <[EMAIL PROTECTED]>) id 1JfeCy-0004Rg-Mx
for [EMAIL PROTECTED]; Sat, 29 Mar 2008 12:47:08 -0400
Received: by py-out-1112.google.com with SMTP id f31so942289pyh.19
for <[EMAIL PROTECTED]>; Sat, 29 Mar 2008 09:47:11 -0700 (PDT)
Received: by 10.65.139.9 with SMTP id r9mr9500666qbn.10.1206809230895;
Sat, 29 Mar 2008 09:47:10 -0700 (PDT)
Received: from ?201.20.219.97? ( [201.20.219.97])
by mx.google.com with ESMTPS id c5sm3272661qbc.19.2008.03.29.09.47.06
(version=TLSv1/SSLv3 cipher=RC4-MD5);
Sat, 29 Mar 2008 09:47:08 -0700 (PDT)
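
The two hosts involved in the report above can be told apart by walking the Received chain. This is an added example, not part of the original thread and not SpamAssassin's own code: the trusted networks, the hostname test, and the "first label embeds the IP octets" check are simplified assumptions, and the header lines are the ones quoted above, trimmed to the hop information.

```python
import ipaddress
import re

# Received lines from the message above, newest first, trimmed to hop info
# (ids, dates and redacted addresses dropped).
RECEIVED = [
    "from 66-211-213-17.velocity.net ([66.211.213.17] helo=archlinux.org) by samir.ibcsolutions.de with esmtp (Exim 4.68)",
    "from [127.0.0.1] (helo=66-211-213-17.velocity.net) by archlinux.org with esmtp (Exim 4.68)",
    "from py-out-1112.google.com ([64.233.166.176]) by archlinux.org with esmtp (Exim 4.68)",
    "by py-out-1112.google.com with SMTP id f31so942289pyh.19",
    "by 10.65.139.9 with SMTP id r9mr9500666qbn.10.1206809230895",
    "from ?201.20.219.97? ( [201.20.219.97]) by mx.google.com with ESMTPS",
]

IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")
HOST_RE = re.compile(r"^(?=.*[A-Za-z])[A-Za-z0-9.-]+$")

def parse_hop(line):
    """Return (rdns_or_None, ip) for a 'from ...' hop, None for 'by'-only lines."""
    m = re.match(r"from\s+(\S+)", line)
    ip = IP_RE.search(line)
    if not m or not ip:
        return None
    name = m.group(1)
    # Assumption: the first token is the peer's rDNS only if it looks like a hostname.
    return (name.lower() if HOST_RE.match(name) else None, ip.group(1))

def looks_dynamic(rdns, ip):
    """Simplified stand-in for a dynamic-rDNS test: first label embeds all IP octets."""
    if not rdns:
        return False
    digits = re.findall(r"\d+", rdns.split(".")[0])
    return all(octet in digits for octet in ip.split("."))

def last_external(lines, trusted=("127.0.0.0/8", "10.0.0.0/8")):
    """Newest hop whose peer IP is outside the (assumed) trusted networks."""
    nets = [ipaddress.ip_network(n) for n in trusted]
    for hop in filter(None, map(parse_hop, lines)):
        if not any(ipaddress.ip_address(hop[1]) in n for n in nets):
            return hop
    return None

def originating_client(lines):
    """Oldest hop that recorded a peer IP (the address the DNSBL hits name)."""
    hops = [h for h in map(parse_hop, lines) if h]
    return hops[-1] if hops else None

if __name__ == "__main__":
    relay, client = last_external(RECEIVED), originating_client(RECEIVED)
    print("last external relay:", relay, "dynamic-looking:", looks_dynamic(*relay))
    print("originating client: ", client, "dynamic-looking:", looks_dynamic(*client))
```

The relay that handed the message to the receiving server is 66.211.213.17 with a generic rDNS name, while the address named in the DNSBL hits, 201.20.219.97, is the sender's own client several hops earlier.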