Return-Path: <[email protected]>
Received: from sourceforge.net ([188.65.247.119])
On Sat, 3 Aug 2024 21:41:35 +0000, Knute Johnson wrote:
Return-Path: <[email protected]>
Received: from sourceforge.net ([188.65.247.119])
Since when Etsy it using this false sourceforge.net mail server as their
mx server? Or have you mixed and matched information for privacy to come
up with this aberration?
$ nslookup -q=mx etsy.com
Non-authoritative answer:
etsy.com mail exchanger = 10 aspmx.l.google.com. etsy.com mail exchanger = 50 aspmx3.googlemail.com. etsy.com mail exchanger = 30 alt2.aspmx.l.google.com. etsy.com mail exchanger = 20 alt1.aspmx.l.google.com. etsy.com mail exchanger = 40 aspmx2.googlemail.com.
Authoritative answers can be found from:
$ nslookup 188.65.147.119
119.147.65.188.in-addr.arpa name = unsetptr.smart-weblications.de.
I would think you should enable a few safety measures - at least a DNSBL
to start - as this seems badly spoofed. A more comprehensive safety list would include DANE (included with Sendmail), SPF and OpenDKIM (3rd party tools), to name a few.
I'm running sendmail 8.17.1.9 on a Debian Bookworm virtual server. I
have the following line in my access database:
From:info@ ERROR:550 Go away!
I'm still getting email from info@ email addresses. Do I have something configured wrong or ?
From:info@ ERROR:550 Go away!
On 8/4/24 05:49, Claus Aßmann wrote:^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
(and post the log entries as someone else requested).
map_lookup: access (from:info@) returns ERROR:550 Go away! (0)
Not sure what I should be seeing.
Knute Johnson wrote:
From:info@ ERROR:550 Go away!
Check that sendmail actually has that map entry:
echo '/map access from:info@' | sendmail -bt
(and post the log entries as someone else requested).
map_lookup: access (from:info@) returns ERROR:550 Go away! (0)
On 8/3/24 16:41, Knute Johnson wrote:
I'm running sendmail 8.17.1.9 on a Debian Bookworm virtual server. I
have the following line in my access database:
From:info@ ERROR:550 Go away!
I'm still getting email from info@ email addresses. Do I have
something configured wrong or ?
The SMTP envelope could very well be different.
What do the logs for message ID 461GfrWD782197 show the envelope as?
Knute Johnson wrote:
On 8/4/24 05:49, Claus Aßmann wrote:
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^(and post the log entries as someone else requested).
> map_lookup: access (from:info@) returns ERROR:550 Go away! (0)
Not sure what I should be seeing.
The RHS of the map entry -- so that's the correct result.
Unfortunately you still haven't posted the log entries.
Maybe the mail is coming from a "trusted" source or you
use something like
FEATURE(`delay_checks', `friend')
PS: online you can find some information how to test the
check_mail
ruleset (you need to set some macros to get this done right).
I'm still having some difficulty finding emails in the journal by the
ESMTP id though. I'm going to have to play with that some more.
Knute Johnson wrote:
I'm still having some difficulty finding emails in the journal by the
ESMTP id though. I'm going to have to play with that some more.
Why don't you grep for info@ in the mail log?
Aug 05 10:34:30 knute.vs.mythic-beasts.com sm-mta[1201227]:
475AYSVu1201227: ruleset=check_mail, arg1=<[email protected]>, relay=[176.59.168.223], reject=550 5.0.0 <[email protected]>...
Go away info@!
| Sysop: | Keyop |
|---|---|
| Location: | Huddersfield, West Yorkshire, UK |
| Users: | 715 |
| Nodes: | 16 (2 / 14) |
| Uptime: | 31:21:51 |
| Calls: | 12,109 |
| Calls today: | 9 |
| Files: | 15,006 |
| Messages: | 6,518,271 |