[Postfixbuch-users] Gurkenserver bei orange.fr

Mi Apr 29 14:40:59 CEST 2009

Robert Felber, Mittwoch 29 April 2009: 

> Micht taet ja da mal der tatsaechliche Ablehnungsgrund
> interessieren.
>
> (grep policyd-weight.*smtp2b.orange /some/where/maillog)

# grep policyd-weight.*smtp2b.orange /var/log/mail
Apr 28 18:19:26 mailsrv postfix/policyd-weight[3142]: weighted 
check:  NOT_IN_SBL_XBL_SPAMHAUS=-1.5 NOT_IN_SPAMCOP=-1.5 
NOT_IN_BL_NJABL=-1.5 DSBL_ORG=SKIP(0) CL_IP_EQ_HELO_IP=-2 (check 
from: .centrepompidou-metz. - helo: .smtp2b.orange. - 
helo-domain: .orange.)  FROM/MX_MATCHES_NOT_HELO(DOMAIN)=1; 
<client=80.12.242.146> <helo=smtp2b.orange.fr> 
<from=[Absenderadresse]> <to=[Empfaengeradresse]>; rate: -5.5
Apr 28 18:19:26 mailsrv postfix/policyd-weight[3142]: decided 
action=PREPEND X-policyd-weight:  NOT_IN_SBL_XBL_SPAMHAUS=-1.5 
NOT_IN_SPAMCOP=-1.5 NOT_IN_BL_NJABL=-1.5 DSBL_ORG=SKIP(0) 
CL_IP_EQ_HELO_IP=-2 (check from: .centrepompidou-metz. - 
helo: .smtp2b.orange. - helo-domain: .orange.)  
FROM/MX_MATCHES_NOT_HELO(DOMAIN)=1; rate: -5.5; 
<client=80.12.242.146> <helo=smtp2b.orange.fr> 
<from=[Absenderadresse]> <to=[Empfaengeradresse]>; delay: 1s
Apr 28 19:28:39 mailsrv postfix/policyd-weight[17729]: decided 
action=550 temporarily blocked because of previous errors - 
retrying too fast. penalty: 30 seconds x 0 retries.; 
<client=80.12.242.144> <helo=smtp2b.orange.fr> 
<from=[Absenderadresse]> <to=[Empfaengeradresse]>; delay: 0s

Also in früheren Logs graben:

# bzgrep policyd-weight.*smtp2b.orange /var/log/mail-20090*
/var/log/mail-20090424.bz2:Apr 23 10:48:33 mailsrv 
postfix/policyd-weight[17729]: decided action=550 Mail appeared to 
be SPAM or forged. Ask your Mail/DNS-Administrator to correct HELO 
and DNS MX settings or to get removed from DNSBLs; please relay via 
your ISP (maetva.com); <client=80.12.242.145> 
<helo=smtp2b.orange.fr> <from=[local-part]@maetva.com> 
<to=[Empfaengeradresse]>; delay: 1s
/var/log/mail-20090424.bz2:Apr 23 12:25:13 mailsrv 
postfix/policyd-weight[3142]: weighted check:  
NOT_IN_SBL_XBL_SPAMHAUS=-1.5 NOT_IN_SPAMCOP=-1.5 
NOT_IN_BL_NJABL=-1.5 DSBL_ORG=SKIP(0) IN_IX_MANITU=4.35 
CL_IP_EQ_HELO_IP=-2 (check from: .maetva. - helo: .smtp2b.orange. - 
helo-domain: .orange.)  FROM/MX_MATCHES_NOT_HELO(DOMAIN)=2.087 
CLIENT_NOT_MX/A_FROM_DOMAIN=5.85 
CLIENT/24_NOT_MX/A_FROM_DOMAIN=5.85; <client=80.12.242.144> 
<helo=smtp2b.orange.fr> <from=[local-part]@maetva.com> 
<to=[Empfaengeradresse]>; rate: 11.637
/var/log/mail-20090424.bz2:Apr 23 12:25:14 mailsrv 
postfix/policyd-weight[3142]: decided action=550 Mail appeared to 
be SPAM or forged. Ask your Mail/DNS-Administrator to correct HELO 
and DNS MX settings or to get removed from DNSBLs; please relay via 
your ISP (maetva.com); <client=80.12.242.144> 
<helo=smtp2b.orange.fr> <from=[local-part]@maetva.com> 
<to=[Empfaengeradresse]>; delay: 1s
/var/log/mail-20090424.bz2:Apr 23 12:25:14 mailsrv 
postfix/policyd-weight[3142]: decided action=550 Mail appeared to 
be SPAM or forged. Ask your Mail/DNS-Administrator to correct HELO 
and DNS MX settings or to get removed from DNSBLs (multirecipient 
mail); <client=80.12.242.144> <helo=smtp2b.orange.fr> 
<from=[local-part]@maetva.com> <to=[Empfaengeradresse]>; delay: 0s

orange.fr ist halt der größte in Frankreich, und alle laden dort 
ihre Mails ab. Dann paßt natürlich weder HELO noch MX...

Welche Möglichkeiten hätte ich denn noch, außer check_client_access, 
und dann dort alle Clients listen, die orange.fr so nutzt?

-- 
Andre Tann