I got this message today (names have been changed to protect the innocent!). Is it saying i'm blacklisted, or the host i'm emailing to is blacklisted? ----------email------------------- from localhost ----- The following addresses had permanent fatal errors ----- (email i'm mailing to) (expanded from: (their local alias name)) ----- Transcript of session follows ----- ... while talking to mail-in.pol.net.uk.:(email i'm mailing to)
RCPT To:
<<< 550- <<< 550 mail from (my emailer ip address) rejected: administrative prohibition (host is blacklisted) 550 (email i'm mailing to)... User unknown ----------email-------------------
Looks like the receiver is blacklisted by few DNSbl filters due to being a
spam source. You can check for yourself at:
http://relays2.osirusoft.com/cgi-bin/rbcheck.cgi
Avi
--On Friday, October 12, 2001 09:43:07 AM +0100 elfed lewis
I got this message today (names have been changed to protect the innocent!). Is it saying i'm blacklisted, or the host i'm emailing to is blacklisted?
----------email-------------------
from localhost
----- The following addresses had permanent fatal errors ----- (email i'm mailing to) (expanded from: (their local alias name))
----- Transcript of session follows ----- ... while talking to mail-in.pol.net.uk.:(email i'm mailing to)
RCPT To:
<<< 550- <<< 550 mail from (my emailer ip address) rejected: administrative prohibition (host is blacklisted) 550 (email i'm mailing to)... User unknown
----------email-------------------
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
-- Avi Schwartz avi@CFFtechnologies.com "I have to share the credit. I invented it, but Bill made it famous." - IBM engineer Dave Bradley describing the control-alt-delete reboot sequence
Hi, On 12-Oct-01 Avi Schwartz wrote:
Looks like the receiver is blacklisted by few DNSbl filters due to being a spam source. You can check for yourself at:
I think the *sender* is blacklisted, not the receiver. I have never seen an anti-spam feature of any MTA which checks wether the host the MTA runs on is blacklisted - would be a poke in the eye sometimes ;)) The postmaster warning mail reads: "while talking to mail-in.pol.net.uk.:(email i'm mailing to) [...]" ...and prints just this communication afterwards. Maybe the sending mailer is blacklisted after being abused by some formmail spammers... ...or it accidentally got on some blacklist, this happens sometimes (although the rate of these false alarms gets lower since ORBS is outta business...). Btw., SamSpade ( http://classic.samspade.org ) also offers a good blacklist check.
Avi
--On Friday, October 12, 2001 09:43:07 AM +0100 elfed lewis
wrote: I got this message today (names have been changed to protect the innocent!). Is it saying i'm blacklisted, or the host i'm emailing to is blacklisted?
----------email-------------------
from localhost
_ _----- The following addresses had permanent fatal errors ----- (email i'm mailing to) _ _ (expanded from: (their local alias name))
_ _----- Transcript of session follows ----- ... while talking to mail-in.pol.net.uk.:(email i'm mailing to)
_RCPT To:
<<<_550- <<<_550 mail from (my emailer ip address) rejected: administrative prohibition (host is blacklisted) 550 (email i'm mailing to)... User unknown
----------email------------------- [...]
Boris Lorenz
I don't think any of these replies are actually correct. I had exactly the same message from mail-in.pol.net.uk relating to some mail passing through my server to one of my clients (a Freeserve.co.uk subscriber) for whom I operate MX services. I can see from my logs that subsequent mail to freeserve has gone through, via mail-in.pol.net.uk. The relevant IP address does not appear on any of the blacklists covered by the link below and the mail server is not promiscuously relaying. My conclusion is that freeserve had a temporary problem. Andrew At 17:13 12/10/2001 +0200, Boris Lorenz wrote:
Hi,
On 12-Oct-01 Avi Schwartz wrote:
Looks like the receiver is blacklisted by few DNSbl filters due to being a spam source. You can check for yourself at:
I think the *sender* is blacklisted, not the receiver. I have never seen an anti-spam feature of any MTA which checks wether the host the MTA runs on is blacklisted - would be a poke in the eye sometimes ;))
The postmaster warning mail reads:
"while talking to mail-in.pol.net.uk.:(email i'm mailing to) [...]"
...and prints just this communication afterwards.
Maybe the sending mailer is blacklisted after being abused by some formmail spammers... ...or it accidentally got on some blacklist, this happens sometimes (although the rate of these false alarms gets lower since ORBS is outta business...).
Btw., SamSpade ( http://classic.samspade.org ) also offers a good blacklist check.
Avi
--On Friday, October 12, 2001 09:43:07 AM +0100 elfed lewis
wrote: I got this message today (names have been changed to protect the innocent!). Is it saying i'm blacklisted, or the host i'm emailing to is blacklisted?
----------email-------------------
from localhost
_ _----- The following addresses had permanent fatal errors ----- (email i'm mailing to) _ _ (expanded from: (their local alias name))
_ _----- Transcript of session follows ----- ... while talking to mail-in.pol.net.uk.:(email i'm mailing to)
_RCPT To:
<<<_550- <<<_550 mail from (my emailer ip address) rejected: administrative prohibition (host is blacklisted) 550 (email i'm mailing to)... User unknown
----------email------------------- [...]
Boris Lorenz
--- -- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sunday 14 October 2001 02:34 pm, you wrote:
I don't think any of these replies are actually correct. I had exactly the same message from mail-in.pol.net.uk relating to some mail passing through my server to one of my clients (a Freeserve.co.uk subscriber) for whom I operate MX services. I can see from my logs that subsequent mail to freeserve has gone through, via mail-in.pol.net.uk. The relevant IP address does not appear on any of the blacklists covered by the link below and the mail server is not promiscuously relaying. My conclusion is that freeserve had a temporary problem. Andrew
I have had this 'problem' of blacklisting once before, since I've started hosting my sites from behind my DSL at home. My particular IP at the time of the problem was 'blacklisted' because my ISP had my IP on a list of 'End Users' - ie, "shouldn't be sending out emails directly"... For the life of that IP, it was easiest just to set up sendmail to send out thru my ISP's SMTP server. Now that my IP has switched again, I don't seem to be having the blacklist problems, and have switched sendmail back to direct outward SMTP... HTH Geo -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE7yeYno2oOGEnz8fYRAkNOAJwLzEIlxAfNIO+0qPikL6lwLYIiJwCfbi9O noXJJAZ1rXtEi7R0zWYW1tY= =nAjO -----END PGP SIGNATURE-----
Ar Sunday 14 October 2001 7:34 pm, ysgrifenodd Andrew Hougie:
I don't think any of these replies are actually correct. I had exactly the same message from mail-in.pol.net.uk relating to some mail passing through my server to one of my clients (a Freeserve.co.uk subscriber) for whom I operate MX services. I can see from my logs that subsequent mail to freeserve has gone through, via mail-in.pol.net.uk. The relevant IP address does not appear on any of the blacklists covered by the link below and the mail server is not promiscuously relaying. My conclusion is that freeserve had a temporary problem. Andrew
Yeah, i think you're right. My situation is similar. I know we have a fixed ip, and connect through the janet (joint academic) network. We arent listed in any of the blacklisted sites everyone is submitted, so i'll assume its a temporary problem at freeserve's end. Thanks for everyone's suggestions Elf.
It's saying you're blacklisted. If you're running a mailer in promiscuous mode, and the fact can be detected from the outside, a fair number of mail-admin hosts will automatically blacklist you. Conversely, if you subscribe to an ISP that spammers operate from, your entire ISP's block of addresses may be blacklisted. Bear On Fri, 12 Oct 2001, elfed lewis wrote:
I got this message today (names have been changed to protect the innocent!). Is it saying i'm blacklisted, or the host i'm emailing to is blacklisted?
----------email-------------------
from localhost
� �----- The following addresses had permanent fatal errors ----- (email i'm mailing to) � � (expanded from: (their local alias name))
� �----- Transcript of session follows ----- ... while talking to mail-in.pol.net.uk.:(email i'm mailing to)
�RCPT To:
<<<�550- <<<�550 mail from (my emailer ip address) rejected: administrative prohibition (host is blacklisted) 550 (email i'm mailing to)... User unknown
----------email-------------------
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
I got this message today (names have been changed to protect the innocent!). Is it saying i'm blacklisted, or the host i'm emailing to is blacklisted?
----------email-------------------
from localhost
----- The following addresses had permanent fatal errors ----- (email i'm mailing to) (expanded from: (their local alias name))
----- Transcript of session follows ----- ... while talking to mail-in.pol.net.uk.:(email i'm mailing to)
RCPT To:
<<< 550- <<< 550 mail from (my emailer ip address) rejected: administrative prohibition (host is blacklisted) 550 (email i'm mailing to)... User unknown
----------email-------------------
Sorry for the long quote, but I didn't want to lose the context. Are you on a dialup line? Do you have an upstream mailhub you should have used? A useful reference is spam.abuse.net . There are lists of ip addresses out there for known spam domains, open relays and dial-up lines. If you fall into the latter, you will only be able to send mail through your ISP's hub to a host that uses these lists. To fix, just reconfigure your mailer to use the mailhub as its "smarthost". For example, if we are both on dial-ups, our mail path would be:- me -> my isp -> your isp -> you John
participants (7)
-
Andrew Hougie
-
Avi Schwartz
-
Boris Lorenz
-
elfed lewis
-
Fluffy Bananachunks
-
John Trickey
-
Ray Dillinger