From: Hilario F. S. <ass...@so...> - 2009-10-29 23:55:36
|
I've tried the new 1.6.0 (0.4.07) and it is almost there: The log now shows the "[SMTP Error] 554 5.7.2 Service denied" message. That is good. But the sending server persists retrying till the timeout. The same server acknowledges immediately when it receives a (SpamError) "554 5.7.1 Mail (SESSIONID) appears to be unsolicited" message as a result of a match in (blackListedDomains). For me it looks like as if ASSP had logged it, but not really sent the 554 error (or something like that). Of course this is just a feeling as I did not check (sniff) the packets exchanged by the servers. (and pls excuse my bad English) All the best Fochi ===================================================================================================== I see that a new parameter (DenyError) was introduced. But I did not see it working yet. Please let me know if I missed anything or what I should do to enable the use of (DenyError). The lines bellow are the only log files I see for IP blocked by denySMTPConnectionsFromAlways 2009-10-28 16:34:41 <> IP 11.11.11.11 (11.11.11.11 redcapemail) matches denySMTPConnectionsFromAlways; 2009-10-28 16:34:41 <> 11.11.11.11:59526 strictly denied by denySMTPConnectionsFromAlways or droplist: 11.11.11.11 redcapemail; Thanks, Fochi ===================================================================================================== quote "if one doesn't give a heck about RFCs ... just drop it" On the opposite, I'm not an expert in RFCs but I think the closest it comes to RFC, the best. In my tests, when I use denySMTPConnectionsFromAlways, I thought I should have an immediate return from my external server with the failure reason. But I did not receive any hint that the mail was not delivered. Thus I suppose ASSP is just dropping the connection without a 4xx or 5xx or whatever. Thus I just wish that whenever ASSP rejects a connection, it informs the offending server that the mail will not be delivered. (be it 4xx, 5xx or whatever makes sense and adheres to pertinent RFCs) That way, users that send mails to our beloved ASSP server, will know high away that their mail wasn't delivered and take the necessary action (for example call our users and ask for whitelist inclusion) Fochi ================================================== I am testing (denySMTPConnectionsFromAlways) and noticed that apparently it does not send a 5xx error message. In cases where this is a false positive, the unfortunate senders will never know their mail did not reach the final destination. Should it have a parameter were admins could set ASSP to send the 500 error message for the denySMTPConnectionsFromAlways? Fochi |