are you doing sender address verification? - SpamAssassin

This is a discussion on are you doing sender address verification? - SpamAssassin ; ...

+ Reply to Thread
Results 1 to 5 of 5

Thread: are you doing sender address verification?

  1. Re: are you doing sender address verification?


  2. are you doing sender address verification?

    Just conjecture at this point, but it seems as though whenever I send an
    email to the SA mailing list, I receive sender address verification requests
    from:

    chlothar.bnv-bamberg.de
    sam.metaphysis.net

    Over the course of a few days, I see these requests soon after my messages
    are accepted by an apache.org MX. Is there a link? Just a coincidence? Is
    anyone else experiencing similar behavior? Thanks.

    --
    Sahil Tandon


  3. Re: are you doing sender address verification?

    At 19:10 17-06-2008, Sahil Tandon wrote:
    >Just conjecture at this point, but it seems as though whenever I send an
    >email to the SA mailing list, I receive sender address verification requests
    >from:
    >
    >chlothar.bnv-bamberg.de
    >sam.metaphysis.net


    I see connections from these two hosts. If they are doing sender
    address verification, it is incorrectly done as the domain of the
    sender is spamassassin.apache.org and not the one in the From: header.

    Regards,
    -sm


  4. Re: are you doing sender address verification?

    > At 19:10 17-06-2008, Sahil Tandon wrote:
    > >Just conjecture at this point, but it seems as though whenever I send an
    > >email to the SA mailing list, I receive sender address verification
    > >requests
    > >from:
    > >
    > >chlothar.bnv-bamberg.de
    > >sam.metaphysis.net


    On 17.06.08 23:47, SM wrote:
    > I see connections from these two hosts. If they are doing sender
    > address verification, it is incorrectly done as the domain of the
    > sender is spamassassin.apache.org and not the one in the From: header.


    I see them too, funny:

    Jun 16 09:44:42 fantomas sm-mta[28820]: m5G7iVEu028820: from=, size=0, class=0, nrcpts=1, proto=SMTP, daemon=MTA-v4, relay=sam.metaphysis.net [85.10.207.80]
    Jun 16 09:45:30 fantomas sm-mta[28840]: m5G7jPDq028840: rejecting commands from chlothar.bnv-bamberg.de [217.146.130.193] due to pre-greeting traffic
    Jun 16 09:45:41 fantomas sm-mta[28843]: m5G7jacb028843: rejecting commands from chlothar.bnv-bamberg.de [217.146.130.193] due to pre-greeting traffic
    Jun 16 12:00:55 fantomas sm-mta[30726]: m5GA0oGS030726: rejecting commands from chlothar.bnv-bamberg.de [217.146.130.193] due to pre-greeting traffic
    Jun 16 14:16:06 fantomas sm-mta[32322]: m5GCG2HY032322: rejecting commands from chlothar.bnv-bamberg.de [217.146.130.193] due to pre-greeting traffic
    Jun 17 10:18:57 fantomas sm-mta[14338]: m5H8IkSZ014338: from=, size=0, class=0, nrcpts=1, proto=SMTP, daemon=MTA-v4, relay=sam.metaphysis.net [85.10.207.80]
    Jun 17 10:19:00 fantomas sm-mta[14341]: m5H8IuSQ014341: rejecting commands from chlothar.bnv-bamberg.de [217.146.130.193] due to pre-greeting traffic
    Jun 17 13:47:34 fantomas sm-mta[17629]: m5HBlTxT017629: rejecting commands from chlothar.bnv-bamberg.de [217.146.130.193] due to pre-greeting traffic
    Jun 17 18:01:38 fantomas sm-mta[21695]: m5HG1XCg021695: rejecting commands from chlothar.bnv-bamberg.de [217.146.130.193] due to pre-greeting traffic
    Jun 18 08:40:53 fantomas sm-mta[32080]: m5I6emRW032080: rejecting commands from chlothar.bnv-bamberg.de [217.146.130.193] due to pre-greeting traffic
    Jun 18 08:54:31 fantomas sm-mta[768]: m5I6sQDn000768: rejecting commands from chlothar.bnv-bamberg.de [217.146.130.193] due to pre-greeting traffic

    --
    Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
    Warning: I wish NOT to receive e-mail advertising to this address.
    Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
    Microsoft dick is soft to do no harm


  5. Re: are you doing sender address verification?

    Sahil Tandon wrote:

    > email to the SA mailing list, I receive sender address verification requests
    > from:
    > chlothar.bnv-bamberg.de
    > sam.metaphysis.net


    Looking in our recent logs I can't see any SAV checks from them,
    but I do see connections from both hosts where they send a MAIL
    FROM but no RCPT TO.

    It's possible that they're checking if *we* do SAV at MAIL FROM.
    Or maybe they are just checking if we're willing to accept mail
    from and .

    > sam.metaphysis.net


    That system seems to be doing some sort of testing:

    /var/log/maillog.3.bz2:Jun 14 16:55:02 chip mimedefang.pl[171]:
    m5EEt1Ld004251:
    mdstats;reject;unknown_user;,
    [10.0.6.11];85.10.207.80;sam.metaphysis.net;sam.metaphysis.ne t;;

    It's possible that they are checking if *we* are a backscatter
    source. Otherwise I've no idea why they are trying to send to
    that (unexistant) address.

    Regards
    /Jonas
    --
    Jonas Eckerman, FSDB & Fruktträdet
    http://whatever.frukt.org/
    http://www.fsdb.org/
    http://www.frukt.org/


+ Reply to Thread