Discussion:
[SA-exim] greylistnullfrom problems.
Michael Heiming
2006-12-21 07:44:11 UTC
Permalink
Hi!

Strange problem with greylistnullfrom, which is set to (local.cf):

[..];'greylistnullfrom' => '0';[..]

Running:

Greylisting.pm,v 1.4 2006/01/11 17:17:28 marcmerlin Exp $

exim/exim-sa version (rpm):

exim-sa-4.43-1.RHEL4.5
exim-4.43-1.RHEL4.5

The problem it does actually greylist "F=<>" Null sender, despite it
shouldn't from how I understood the configuration. Which might not be
that bad with the recent raise of ratware, though it looks like it
doesn't get whitelisted even if the remote MTA is resending in time.
Though >99,99% of all mails with the null sender pass just fine due to
none or very low SA score.

Running with "Debug: 9" in sa-exim.conf didn't revealed any clue why
null sender are being greylisted.


Thx for any help on the matter


Michael
--
Marc MERLIN
2006-12-21 17:18:00 UTC
Permalink
Post by Michael Heiming
Hi!
[..];'greylistnullfrom' => '0';[..]
Greylisting.pm,v 1.4 2006/01/11 17:17:28 marcmerlin Exp $
exim-sa-4.43-1.RHEL4.5
exim-4.43-1.RHEL4.5
The problem it does actually greylist "F=<>" Null sender, despite it
shouldn't from how I understood the configuration. Which might not be
that bad with the recent raise of ratware, though it looks like it
doesn't get whitelisted even if the remote MTA is resending in time.
Though >99,99% of all mails with the null sender pass just fine due to
none or very low SA score.
Running with "Debug: 9" in sa-exim.conf didn't revealed any clue why
null sender are being greylisted.
You can take a mail like this, save it to disk, and run
spamassassin -t -D < /tmp/mail
This will give you more clue as to what's happening, and you can add some
printfs in Greylisting.pm to see what code you're hitting and what's
happening.

Hope this helps.

Marc
--
"A mouse is a device used to point at the xterm you want to type in" - A.S.R.
Microsoft is to operating systems & security ....
.... what McDonalds is to gourmet cooking
Home page: http://marc.merlins.org/
Michael Heiming
2006-12-21 17:42:07 UTC
Permalink
Post by Marc MERLIN
Post by Michael Heiming
Hi!
[..];'greylistnullfrom' => '0';[..]
Greylisting.pm,v 1.4 2006/01/11 17:17:28 marcmerlin Exp $
exim-sa-4.43-1.RHEL4.5
exim-4.43-1.RHEL4.5
The problem it does actually greylist "F=<>" Null sender, despite it
shouldn't from how I understood the configuration. Which might not be
that bad with the recent raise of ratware, though it looks like it
doesn't get whitelisted even if the remote MTA is resending in time.
Though >99,99% of all mails with the null sender pass just fine due to
none or very low SA score.
Running with "Debug: 9" in sa-exim.conf didn't revealed any clue why
null sender are being greylisted.
You can take a mail like this, save it to disk, and run
spamassassin -t -D < /tmp/mail
This will give you more clue as to what's happening, and you can add some
printfs in Greylisting.pm to see what code you're hitting and what's
happening.
Hope this helps.
Hi Marc!

Indeed, many thx for the pointer. Strange that the most obvious didn't
occur to me, go figure...;( I'll check this out and see what I get.

Best regards

Michael
--

Loading...