Yahoo Groups archive

Milter-greylist

Index last updated: 2026-04-13 23:57 UTC

Message

Re: [milter-greylist] Strange log when using tarpit

2016-08-23 by Bill Levering

The DKIM passing is what I’m confused about also.

The rest looks correct, but not legit.

I assume that 0.0.0.0/0 = ‘the internet’ or every server on the planet

Also note that the domain (no spaces) make quick med.com is flagged by spam assassin, so I don’t know who has actually read the original email

Bill

> On Aug 23, 2016, at 2:17 AM, Christian Pélissier Christian.Pelissier@... [milter-greylist] <milter-greylist@yahoogroups.com> wrote:
> 
> Hi,
> 
> I 've just configured yesterday milter-greylist 4.6.1 to use tarpit with
> 
> racl whitelist tarpit 65s <<< ACL 898
> 
> I don't understand the following log (many mails are same)
> 
> Aug 22 20:31:25 emix2 milter-greylist: u7MIV0em022983: skipping greylist
> because address 80.78.253.76 matches MX record, sender is
> DKIM-compliant, tarpit is requested, (from=<no-reply@make quick med.com>,
> rcpt=<pelissier@...>, addr=vm24571.hv8.ru[80.78.253.76]) ACL 898
> 
> In this log hhe reason invoked of skipping greylist 
> 
> ==> 80.78.253.76 matches MX record true (but I have no such declaration
> inside greylist.conf)
> 
> # dig +short mx make quick med.com
> 10 mail.make quick med.com.
> 
> ==> sender is DKIM-compliant
> Sender as a SPF declaration with 0.0.0.0/0 what does it mean ?
> 
> # dig +short txt make quick med.com
> "spf2.0/pra ip4:0.0.0.0/0 ?all"
> "v=spf1 ip4:0.0.0.0/0 ?all"
> 
> but I found no DKIM for make quick med.com
> 
> The timestamps 20:31:25 and later 20:32:31 show that the message is
> effectively delayed 65s.
> 
> Aug 22 20:32:31 emix2 sendmail[22983]: u7MIV0em022983:
> from=<no-reply@make quick med.com>, size=2398, class=0, nrcpts=1,
> msgid=<0AF0BF2C4D99B704D8DD94283C75643A@make quick med.com>, proto=ESMTP,
> daemon=MTA, relay=vm24571.hv8.ru [80.78.253.76]
> Aug 22 20:32:31 emix2 sendmail[23375]: u7MIV0em022983:
> to=<pelissier@...>, delay=00:00:00, xdelay=00:00:00, mailer=esmtp,
> pri=122398, relay=onera.onera.fr. [144.204.65.4], dsn=2.0.0, stat=Sent
> (u7MIWVJW013990 Message accepted for delivery)
> 
> The headers show :
> 
> Authentication-Results: emix2.onera.fr; spf=pass
> smtp.mailfrom=no-reply@make quick med.com
> DKIM-Filter: OpenDKIM Filter v2.10.3 emix2.onera.fr u7MIV0em022983
> Authentication-Results: emix2.onera.fr; dkim=none <<<<<<<<<
> 
> X-Greylist: Sender passed DKIM test, Sender IP whitelisted by MX,
> Message
> whitelisted by tarpit 65s, ACL 898 matched, not delayed by
> milter-greylist-4.6.1 (emix2.onera.fr [144.204.16.6]); Mon, 22 Aug 2016
> 20:32:31 +0200 (CEST)
> 
> -- 
> Christian Pélissier / 34419
> ONERA DRI/RSC
> BP72 92322 Chatillon CEDEX
> 
> 
>

Attachments

  • No local attachments were found for this message.

Move to quarantaine

This moves the raw source file on disk only. The archive index is not changed automatically, so you still need to run a manual refresh afterward.