Topic: Spam blocking with smtpfront-qmail HOWTO released

[wacko]

Hi Ray

first of all great howto :0) .. very informative

Which version of 6, v6.0 (Mitel release)or 6.0.1-01 (contribs.org release) ?

Im running the Mitel Release
[root@sme root]# rpm -q SMEServer
SMEServer-6.0-04

The basic instal is very simple, the rest of the howto is support information. Are you sure you did the following steps as a minimum ?

/sbin/e-smith/config setprop smtpfront-qmail RBLList sbl-xbl.spamhaus.org

/sbin/e-smith/expand-template /var/service/smtpfront-qmail/runenv

svc -t /service/smtpfront-qmail

The first step works fine, I installed multiple RBL lists, as shown below


[root@sme env]# /sbin/e-smith/db configuration getprop smtpfront-qmail RBLList

sbl-xbl.spamhaus.org:dsn.rfc-ignorant.org:postmaster.rfc-ignorant.org:abuse.rfc-ignorant.org:whois.rfc-ignorant.org:ipwhois.rfc-ignorant.org:bogusmx.rfc-ignorant.org:dnsbl.njabl.org:relays.ordb.org:dnsbl.sorbs.net:contacts.abuse.net:list.dsbl.org


the second step doesn't work and that error I posted earlier shows up, The third step works fine but obviously since te template isn't expanded this doesn't seem to action the RBL since nothing shows up in the logs either for the blocking

and yes the fragments DATABYTES  TCPLOCALHOST are visible but in the directory

/etc/e-smith/templates/var/service/smtpfront-qmail/env

not runenv, env is the only directory in the smtpfront-qmail directory.

Thnks for your help in advance
wc

[raem]

> and yes the fragments DATABYTES  TCPLOCALHOST are visible but in the directory
> /etc/e-smith/templates/var/service/smtpfront-qmail/env
> not runenv, env is the only directory in the smtpfront-qmail directory.


Wacko

Well there's the problem.

I have a standard v6.0 Mitel release without any updates and in
/etc/e-smith/templates/var/service/smtpfront-qmail/runenv
I see three fragments
00preamble
01Instances
10RBLLookup

If you don't have those then its not going to work.

As to why your server doesn't have them I do not know.
These are standard on the Mitel release and are NOT added in by any contrib.


Are you sure you server is standard, have you updated it at all ?

Is it the Mitel GPL release, you will see that brand name in server manager if it is, otherwise you will see the contribs.org logo.


I see your post here
http://forums.contribs.org/index.php?topic=21750.msg85986#msg85986
so you seem to be chasing the latest version updates


When I run

rpm -q SMEServer

I get
SMEserver-6.0-04


Can someone who is running any of the contribs.org releases/updates check and see if they have the abovementioned template fragments ?

Thanks

Regs
Ray

[raem]

I have uploaded the template fragments in case you want them, get them here.

http://mirror.contribs.org/smeserver/contribs/rmitchell/smeserver/templates/

They go in
/etc/e-smith/templates/var/service/smtpfront-qmail/runenv

Regs
Ray

[wyron]

Hi, Ray
I have a relatively fresh install of 6.0.1-01 and I can confirm that the template fragments are where they are supposed to be.
The rpm -q question also reveals my version to be 6.0-04
I have setup as per your howto (yesterday morning), and chosen a relatively conservative approach enabling only spamhaus for my RBLList.
The grep rblsmtpd query, though, stays conspicuously empty, and I still get some spam (though I have noted a definite decrease over the last week or so).
Normal behaviour, I hope, with my setup ?

[raem]

Dear wyron

OK, the template fragments are definitely "in" newer versions of the OS, so wacko & jesper must have a different problem.

You will find that all the lists in the conservative listing are OK to use, in my opinion.

You can use server manager View Logs to view the smtpfront-qmail/current log file and review all entries, looking for ones with rblsmtpd in them.

Perhaps your system has not detected any spam type messages as yet. Keep watching. If you include some (or all) of the other lists you will have a higher hit rate.

Regs
Ray

[Anonymous]

I have a relatively fresh install of 6.0.1-01 and I can confirm that the template fragments are where they are supposed to be.
The rpm -q question also reveals my version to be 6.0-04

That's not good. The 6.0.1-01 should come with a version of 6.0.1, don't you think?

[wyron]

I have a relatively fresh install of 6.0.1-01 and I can confirm that the template fragments are where they are supposed to be.
The rpm -q question also reveals my version to be 6.0-04

That's not good. The 6.0.1-01 should come with a version of 6.0.1, don't you think?

Hey - don't ask me !
Ask Ray, Jeff, RequestedDeletion, Darrell or whomever among the core people!
I just bow and say 'thank you very much' every time those guys come up with something ingenious.
I simply don't grasp enough mathematics to even remotely understand what they are doing, I just poke in my two-bits worth of observation when a request is whispered.
I have quite enough on my plate just being a domain and network admin (and perhaps (minimally) skilled SME server admin), don't you know?
PS! And please don't hide behind the much misused 'Guest' avatar.
It's too easy!
Stand up for your own questions, meanings or opinions, man (or woman)!

[byte]

I believe this _is_ correct as if you do rpm -qi SMESever you will see that it is release 4, of the 6.0 range from beta upwords? thats my only thinking of why it shows 6.0-04

As wyron says great work  

[wyron]

Exactly, byte !!!
For a moment there I clean forgot that there are no silly questions, only silly answers.
The joke's on me!

[raem]

As I understand it v6.0.1 from contribs.org, is essentally the same as v6.0 (6.0-04) from Mitel, except for mostly cosmetic (branding) changes and some minor updates.

I can't explain why some users don't see those template fragments, unless they are looking in the wrong place.

Regs
Ray

[Kevinm]

Gone through and added the sbl-xbl.spamhaus.org rbl and then the rebuild/restart etc.

If I tail -f the log files I can see the checks to spamhaus but no problem entries. In the last 8 hours there were 223 queries made to spamhaus but no errors (only 2 were valid emails). I manually tested the last one and spamhaus responded that it was listed in cbl.spamhaus.org. There is no mention of anything in the log files.

Looks like it isn't working. Any ideas?

Kevin

[raem]

Kevin
What do you get from
/sbin/e-smith/db configuration show smtpfront-qmail

Are you using v6.0 or better ?

Here is my log from today when I do
grep rblsmtpd /var/log/smtpfront-qmail/current | tai64nlocal

2004-04-18 00:08:13.920929500 rblsmtpd: 80.212.192.37 pid 18133: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=80.212.192.37
2004-04-18 00:09:20.385803500 rblsmtpd: 81.255.54.11 pid 18171: 451 81.255.54.11 has inaccurate or missing WHOIS data at the RIR
2004-04-18 00:46:59.121483500 rblsmtpd: 203.14.30.18 pid 18901: 451 Spam Received See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.14.30.18
2004-04-18 01:12:07.928865500 rblsmtpd: 200.162.227.204 pid 19414: 451 http://www.spamhaus.org/query/bl?ip=200.162.227.204
2004-04-18 01:38:33.750438500 rblsmtpd: 65.182.137.160 pid 19912: 451 http://www.spamhaus.org/SBL/sbl.lasso?query=SBL12959
2004-04-18 01:40:03.168800500 rblsmtpd: 65.182.137.160 pid 19950: 451 http://www.spamhaus.org/SBL/sbl.lasso?query=SBL12959
2004-04-18 01:50:53.086670500 rblsmtpd: 67.169.143.244 pid 20171: 451 http://www.spamhaus.org/query/bl?ip=67.169.143.244
2004-04-18 01:58:15.710767500 rblsmtpd: 203.14.30.18 pid 20307: 451 Spam Received See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.14.30.18
2004-04-18 02:00:14.470134500 rblsmtpd: 24.123.181.251 pid 20373: 451 http://www.spamhaus.org/query/bl?ip=24.123.181.251
2004-04-18 02:16:51.519898500 rblsmtpd: 69.70.170.234 pid 20687: 451 http://www.spamhaus.org/query/bl?ip=69.70.170.234
2004-04-18 02:17:23.859590500 rblsmtpd: 80.34.208.67 pid 20688: 451 http://dsbl.org/listing?ip=80.34.208.67
2004-04-18 02:18:03.785804500 rblsmtpd: 219.133.157.184 pid 20709: 451 Inaccurate or missing WHOIS data
2004-04-18 02:18:23.670337500 rblsmtpd: 219.133.157.184 pid 20707: 451 Inaccurate or missing WHOIS data
2004-04-18 02:20:00.556820500 rblsmtpd: 128.230.178.130 pid 20747: 451 http://dsbl.org/listing?ip=128.230.178.130
2004-04-18 02:20:28.185022500 rblsmtpd: 128.61.43.32 pid 20769: 451 http://www.spamhaus.org/query/bl?ip=128.61.43.32
2004-04-18 02:33:26.092715500 rblsmtpd: 203.14.30.18 pid 21022: 451 Spam Received See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.14.30.18
2004-04-18 03:26:44.857181500 rblsmtpd: 148.233.218.157 pid 22067: 451 dynamic according to UNINET-Telmex -- 1066926626
2004-04-18 03:37:00.023876500 rblsmtpd: 203.14.30.18 pid 22268: 451 Spam Received See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.14.30.18
2004-04-18 04:10:54.898801500 rblsmtpd: 81.255.54.11 pid 23090: 451 Inaccurate or missing WHOIS data
2004-04-18 04:24:53.089244500 rblsmtpd: 68.37.22.64 pid 26240: 451 http://www.spamhaus.org/query/bl?ip=68.37.22.64
2004-04-18 04:51:30.314984500 rblsmtpd: 203.14.30.18 pid 26769: 451 Spam Received See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.14.30.18
2004-04-18 04:53:35.274219500 rblsmtpd: 24.59.27.216 pid 26809: 451 http://www.spamhaus.org/query/bl?ip=24.59.27.216
2004-04-18 04:53:59.911308500 rblsmtpd: 67.160.244.22 pid 26811: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=67.160.244.22
2004-04-18 04:54:39.280323500 rblsmtpd: 4.62.75.84 pid 26830: 451 Inaccurate or missing WHOIS data
2004-04-18 05:33:09.608674500 rblsmtpd: 203.14.30.18 pid 27602: 451 Spam Received See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.14.30.18
2004-04-18 05:34:47.091881500 rblsmtpd: 61.10.210.13 pid 27604: 451 http://www.spamhaus.org/query/bl?ip=61.10.210.13
2004-04-18 05:36:37.307582500 rblsmtpd: 203.164.51.35 pid 27673: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.164.51.35
2004-04-18 06:02:43.357117500 rblsmtpd: 24.59.136.23 pid 28193: 451 http://www.spamhaus.org/query/bl?ip=24.59.136.23
2004-04-18 06:02:58.401296500 rblsmtpd: 68.62.5.196 pid 28194: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=68.62.5.196
2004-04-18 06:03:15.849888500 rblsmtpd: 66.122.246.167 pid 28196: 451 http://dsbl.org/listing?ip=66.122.246.167
2004-04-18 06:35:21.900869500 rblsmtpd: 24.241.193.204 pid 28844: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=24.241.193.204
2004-04-18 06:35:26.417559500 rblsmtpd: 24.203.244.227 pid 28847: 451 http://www.spamhaus.org/query/bl?ip=24.203.244.227
2004-04-18 06:35:32.662329500 rblsmtpd: 203.14.30.18 pid 28846: 451 Spam Received See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.14.30.18
2004-04-18 06:35:35.182237500 rblsmtpd: 66.122.246.167 pid 28848: 451 http://dsbl.org/listing?ip=66.122.246.167
2004-04-18 06:57:58.958634500 rblsmtpd: 144.137.81.6 pid 29292: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=144.137.81.6
2004-04-18 07:02:47.360592500 rblsmtpd: 220.127.103.105 pid 29399: 451 http://www.spamhaus.org/query/bl?ip=220.127.103.105
2004-04-18 07:38:57.700544500 rblsmtpd: 203.14.30.18 pid 30112: 451 Spam Received See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.14.30.18
2004-04-18 07:59:12.972161500 rblsmtpd: 200.171.99.17 pid 30526: 451 http://www.spamhaus.org/query/bl?ip=200.171.99.17
2004-04-18 07:59:13.982883500 rblsmtpd: 144.137.131.93 pid 30507: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=144.137.131.93
2004-04-18 07:59:15.423527500 rblsmtpd: 66.188.149.213 pid 30527: 451 http://www.spamhaus.org/query/bl?ip=66.188.149.213
2004-04-18 08:33:07.696279500 rblsmtpd: 203.14.30.18 pid 31375: 451 Spam Received See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.14.30.18
2004-04-18 09:14:21.787482500 rblsmtpd: 203.19.127.46 pid 32474: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.19.127.46
2004-04-18 09:15:53.202409500 rblsmtpd: 209.88.93.3 pid 32476: 451 Inaccurate or missing WHOIS data
2004-04-18 09:25:40.105675500 rblsmtpd: 203.19.127.46 pid 32745: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.19.127.46
2004-04-18 09:36:29.491766500 rblsmtpd: 203.19.127.46 pid 795: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.19.127.46
2004-04-18 09:49:44.883713500 rblsmtpd: 166.104.251.47 pid 1526: 451 http://www.spamhaus.org/query/bl?ip=166.104.251.47
2004-04-18 09:51:08.472365500 rblsmtpd: 141.150.249.31 pid 1589: 451 http://www.spamhaus.org/query/bl?ip=141.150.249.31
2004-04-18 10:01:23.964903500 rblsmtpd: 217.85.143.54 pid 1822: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=217.85.143.54
2004-04-18 10:05:07.792048500 rblsmtpd: 203.14.30.18 pid 1911: 451 Spam Received See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.14.30.18
2004-04-18 10:17:57.703972500 rblsmtpd: 203.14.30.18 pid 2171: 451 Spam Received See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.14.30.18
2004-04-18 10:20:04.991080500 rblsmtpd: 144.137.125.245 pid 2210: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=144.137.125.245
2004-04-18 10:20:05.060582500 rblsmtpd: 144.137.125.245 pid 2237: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=144.137.125.245
2004-04-18 10:20:05.168212500 rblsmtpd: 144.137.125.245 pid 2211: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=144.137.125.245
2004-04-18 10:20:05.473660500 rblsmtpd: 144.137.125.245 pid 2212: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=144.137.125.245
2004-04-18 10:23:02.766604500 rblsmtpd: 68.41.252.37 pid 2301: 451 http://www.spamhaus.org/query/bl?ip=68.41.252.37
2004-04-18 10:23:10.217540500 rblsmtpd: 24.205.39.9 pid 2302: 451 Inaccurate or missing WHOIS data
2004-04-18 10:27:57.761041500 rblsmtpd: 81.40.136.30 pid 2378: 451 http://www.spamhaus.org/query/bl?ip=81.40.136.30
2004-04-18 10:30:39.071129500 rblsmtpd: 68.76.121.223 pid 2441: 451 swbell.net PPPoX DSL Pools -- 1071415970
2004-04-18 11:09:41.876789500 rblsmtpd: 219.144.194.18 pid 3269: 451 http://www.spamhaus.org/query/bl?ip=219.144.194.18
2004-04-18 11:24:37.167172500 rblsmtpd: 67.82.78.89 pid 3571: 451 http://www.spamhaus.org/query/bl?ip=67.82.78.89
2004-04-18 11:25:45.065019500 rblsmtpd: 203.14.30.18 pid 3591: 451 Spam Received See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.14.30.18
2004-04-18 11:27:44.492305500 rblsmtpd: 203.220.110.148 pid 3640: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.220.110.148
2004-04-18 12:01:02.822342500 rblsmtpd: 201.8.63.45 pid 4318: 451 http://www.spamhaus.org/query/bl?ip=201.8.63.45
2004-04-18 12:01:22.763918500 rblsmtpd: 24.208.246.188 pid 4360: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=24.208.246.188
2004-04-18 12:01:49.484213500 rblsmtpd: 217.96.226.168 pid 4361: 451 http://dsbl.org/listing?ip=217.96.226.168
2004-04-18 12:02:02.758363500 rblsmtpd: 68.124.97.204 pid 4363: 451 pacbell / swbell.net PPPoX pools -- 1070519899
2004-04-18 12:12:29.305414500 rblsmtpd: 81.255.54.11 pid 4603: 451 Inaccurate or missing WHOIS data
2004-04-18 12:38:56.762894500 rblsmtpd: 203.14.30.18 pid 5203: 451 Spam Received See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.14.30.18
2004-04-18 12:58:38.816080500 rblsmtpd: 213.122.146.139 pid 5655: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=213.122.146.139
2004-04-18 12:59:33.745167500 rblsmtpd: 213.179.246.203 pid 5676: 451 http://www.spamhaus.org/query/bl?ip=213.179.246.203
2004-04-18 12:59:46.217785500 rblsmtpd: 213.182.201.120 pid 5678: 451 http://www.spamhaus.org/query/bl?ip=213.182.201.120
2004-04-18 13:02:01.696680500 rblsmtpd: 66.18.69.3 pid 5732: 451 Inaccurate or missing WHOIS data
2004-04-18 13:06:34.657127500 rblsmtpd: 66.137.84.177 pid 5845: 451 http://dsbl.org/listing?ip=66.137.84.177
2004-04-18 13:15:39.731900500 rblsmtpd: 24.118.73.11 pid 6043: 451 http://www.spamhaus.org/query/bl?ip=24.118.73.11
2004-04-18 13:35:11.621317500 rblsmtpd: 203.14.30.18 pid 6450: 451 Spam Received See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.14.30.18
2004-04-18 13:41:35.485554500 rblsmtpd: 24.60.44.8 pid 6589: 451 http://www.spamhaus.org/query/bl?ip=24.60.44.8
2004-04-18 14:00:55.113373500 rblsmtpd: 68.190.95.247 pid 6995: 451 http://www.spamhaus.org/query/bl?ip=68.190.95.247
2004-04-18 14:01:58.563481500 rblsmtpd: 66.18.69.3 pid 7021: 451 Inaccurate or missing WHOIS data
2004-04-18 14:02:02.856608500 rblsmtpd: 203.164.54.106 pid 7020: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.164.54.106
2004-04-18 14:10:12.706525500 rblsmtpd: 203.220.110.140 pid 7186: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.220.110.140
2004-04-18 14:27:26.610463500 rblsmtpd: 203.164.54.106 pid 7536: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.164.54.106
2004-04-18 14:34:33.568418500 rblsmtpd: 211.243.122.211 pid 7734: 451 Inaccurate or missing WHOIS data
2004-04-18 14:34:46.840153500 rblsmtpd: 211.243.241.183 pid 7735: 451 Inaccurate or missing WHOIS data
2004-04-18 14:35:16.297696500 rblsmtpd: 203.14.30.18 pid 7754: 451 Spam Received See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.14.30.18
2004-04-18 14:36:50.461095500 rblsmtpd: 203.220.41.114 pid 7776: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.220.41.114
2004-04-18 15:02:15.806530500 rblsmtpd: 66.18.69.3 pid 8294: 451 Inaccurate or missing WHOIS data
2004-04-18 15:39:23.203806500 rblsmtpd: 203.14.30.18 pid 9022: 451 Spam Received See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.14.30.18
2004-04-18 16:02:02.020430500 rblsmtpd: 66.18.69.3 pid 9461: 451 Inaccurate or missing WHOIS data
2004-04-18 16:24:44.054963500 rblsmtpd: 203.14.30.18 pid 9905: 451 Spam Received See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.14.30.18
2004-04-18 16:53:34.084868500 rblsmtpd: 202.88.230.250 pid 10481: 451 http://www.spamhaus.org/query/bl?ip=202.88.230.250
2004-04-18 17:02:22.522773500 rblsmtpd: 66.18.69.3 pid 10669: 451 Inaccurate or missing WHOIS data
2004-04-18 17:07:31.637552500 rblsmtpd: 203.164.77.58 pid 10765: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.164.77.58
2004-04-18 17:21:08.716315500 rblsmtpd: 172.178.255.229 pid 11023: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=172.178.255.229
2004-04-18 17:29:54.945886500 rblsmtpd: 65.182.134.222 pid 11207: 451 http://www.spamhaus.org/SBL/sbl.lasso?query=SBL12959
2004-04-18 17:41:43.730627500 rblsmtpd: 144.137.162.140 pid 11447: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=144.137.162.140
2004-04-18 17:43:29.367646500 rblsmtpd: 203.14.30.18 pid 11485: 451 Spam Received See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.14.30.18
2004-04-18 18:02:05.206528500 rblsmtpd: 66.18.69.3 pid 11902: 451 Inaccurate or missing WHOIS data
2004-04-18 18:06:54.634075500 rblsmtpd: 68.41.80.28 pid 11997: 451 http://www.spamhaus.org/query/bl?ip=68.41.80.28
2004-04-18 18:07:18.508474500 rblsmtpd: 66.30.242.99 pid 11999: 451 http://dsbl.org/listing?ip=66.30.242.99
2004-04-18 18:09:33.507633500 rblsmtpd: 62.248.188.82 pid 12077: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=62.248.188.82
2004-04-18 18:20:09.666993500 rblsmtpd: 203.14.30.18 pid 12297: 451 Spam Received See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.14.30.18
2004-04-18 19:01:54.814475500 rblsmtpd: 66.18.69.3 pid 13097: 451 Inaccurate or missing WHOIS data
2004-04-18 19:16:56.682694500 rblsmtpd: 195.56.220.188 pid 13389: 451 http://www.spamhaus.org/query/bl?ip=195.56.220.188
2004-04-18 19:17:20.941857500 rblsmtpd: 200.104.139.240 pid 13409: 451 http://www.spamhaus.org/query/bl?ip=200.104.139.240
2004-04-18 19:17:31.384435500 rblsmtpd: 198.142.70.156 pid 13410: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=198.142.70.156
2004-04-18 19:18:20.779385500 rblsmtpd: 200.140.154.248 pid 13431: 451 http://www.spamhaus.org/query/bl?ip=200.140.154.248
2004-04-18 19:18:38.566037500 rblsmtpd: 200.176.192.191 pid 13432: 451 http://www.spamhaus.org/query/bl?ip=200.176.192.191
2004-04-18 19:18:47.758645500 rblsmtpd: 200.221.138.49 pid 13433: 451 http://www.spamhaus.org/query/bl?ip=200.221.138.49
2004-04-18 19:38:21.424880500 rblsmtpd: 66.61.111.194 pid 13821: 451 http://www.spamhaus.org/query/bl?ip=66.61.111.194
2004-04-18 19:38:32.051848500 rblsmtpd: 203.14.30.18 pid 13822: 451 Spam Received See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.14.30.18
2004-04-18 20:02:06.475668500 rblsmtpd: 66.18.69.3 pid 14283: 451 Inaccurate or missing WHOIS data
2004-04-18 20:09:51.771370500 rblsmtpd: 80.212.200.33 pid 14434: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=80.212.200.33
2004-04-18 20:14:27.657032500 rblsmtpd: 203.51.9.78 pid 14531: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.51.9.78
2004-04-18 20:14:27.767524500 rblsmtpd: 203.51.9.78 pid 14530: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.51.9.78
2004-04-18 20:14:27.981157500 rblsmtpd: 203.51.9.78 pid 14532: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.51.9.78
2004-04-18 20:14:28.088637500 rblsmtpd: 203.51.9.78 pid 14529: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.51.9.78
2004-04-18 20:14:39.637043500 rblsmtpd: 81.255.54.11 pid 14533: 451 Inaccurate or missing WHOIS data
2004-04-18 20:33:25.087851500 rblsmtpd: 203.14.30.18 pid 14917: 451 Spam Received See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.14.30.18
2004-04-18 20:38:21.976991500 rblsmtpd: 203.164.16.247 pid 15013: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.164.16.247
2004-04-18 20:58:48.337543500 rblsmtpd: 203.51.9.78 pid 15497: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.51.9.78
2004-04-18 20:58:48.881861500 rblsmtpd: 203.51.9.78 pid 15495: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.51.9.78
2004-04-18 20:58:48.923317500 rblsmtpd: 203.51.9.78 pid 15494: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.51.9.78
2004-04-18 20:58:48.965428500 rblsmtpd: 203.51.9.78 pid 15496: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.51.9.78
2004-04-18 21:01:56.183012500 rblsmtpd: 66.18.69.3 pid 15566: 451 Inaccurate or missing WHOIS data
2004-04-18 21:14:10.626639500 rblsmtpd: 203.14.30.18 pid 15814: 451 Spam Received See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.14.30.18
2004-04-18 21:14:33.403058500 rblsmtpd: 69.164.93.170 pid 15816: 451 http://www.spamhaus.org/query/bl?ip=69.164.93.170
2004-04-18 21:14:37.189423500 rblsmtpd: 66.57.91.91 pid 15817: 451 http://www.spamhaus.org/query/bl?ip=66.57.91.91
2004-04-18 21:14:37.732303500 rblsmtpd: 24.8.56.175 pid 15818: 451 http://www.spamhaus.org/query/bl?ip=24.8.56.175
2004-04-18 21:14:43.041206500 rblsmtpd: 212.97.182.1 pid 15815: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=212.97.182.1
2004-04-18 21:19:25.278645500 rblsmtpd: 12.202.203.106 pid 15918: 451 http://www.spamhaus.org/query/bl?ip=12.202.203.106

Regs
Ray

[Kevinm]

Hi Ray

If I take the last few lines from your log

2004-04-18 20:58:48.923317500 rblsmtpd: 203.51.9.78 pid 15494: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.51.9.78
2004-04-18 20:58:48.965428500 rblsmtpd: 203.51.9.78 pid 15496: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.51.9.78
2004-04-18 21:01:56.183012500 rblsmtpd: 66.18.69.3 pid 15566: 451 Inaccurate or missing WHOIS data
2004-04-18 21:14:10.626639500 rblsmtpd: 203.14.30.18 pid 15814: 451 Spam Received See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=203.14.30.18
2004-04-18 21:14:33.403058500 rblsmtpd: 69.164.93.170 pid 15816: 451 http://www.spamhaus.org/query/bl?ip=69.164.93.170
2004-04-18 21:14:37.189423500 rblsmtpd: 66.57.91.91 pid 15817: 451 http://www.spamhaus.org/query/bl?ip=66.57.91.91
2004-04-18 21:14:37.732303500 rblsmtpd: 24.8.56.175 pid 15818: 451 http://www.spamhaus.org/query/bl?ip=24.8.56.175
2004-04-18 21:14:43.041206500 rblsmtpd: 212.97.182.1 pid 15815: 451 Dynamic IP Address See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=212.97.182.1
2004-04-18 21:19:25.278645500 rblsmtpd: 12.202.203.106 pid 15918: 451 http://www.spamhaus.org/query/bl?ip=12.202.203.106

The lines similar to

2004-04-18 21:14:37.732303500 rblsmtpd: 24.8.56.175 pid 15818: 451 http://www.spamhaus.org/query/bl?ip=24.8.56.175

...are all I see. Since I set it up the box has received  maybe 2000 spam mail and that is all I am seeing. It is 6.0.b4 not 6.0.1 so I am going to try a clean install and will see what happens with that. That will be this weekend (since it is 200km away) so will get back after that.

Many thanks
kevin

[raem]

> The lines similar to
>2004-04-18 21:14:37.732303500 rblsmtpd: 24.8.56.175 > pid 15818: 451 http://www.spamhaus.org/query/bl?
> ip=24.8.56.175

> ...are all I see. Since I set it up the box has
> received  maybe 2000 spam mail and that is all I
> am seeing.

When you say "seeing", do you mean "seeing 2000 entries in the log" or do you mean your user accounts have received 2000 spam messages.
The log entries are the rejections, and you should not receive those particular messages as they are rejected by the server. The reasons are generally shown, see my logs.

If you have only enabled the spamhaus rbl then you will only see spamhaus entries, try enabling some more lists. I have all the lists in the howto enabled.


> It is 6.0.b4 not 6.0.1 so I am going to try a clean install and will see what happens with that.

I can't say if this works on the v6 beta, but it does work on v6.0 Mitel final and 6.0.1 contribs.org versions.

Regs
Ray

[fostware]

For those without the runenv templates, run
rpm -qi e-smith-mailfront


On an upgraded 5.6 to 6.0 it's got
Name        : e-smith-mailfront            
Version     : 1.2.0                            
Release     : 01
Build Date: Fri 27 Jun 2003 04:12:22 AM WST
Install date: Mon 06 Oct 2003 01:23:36 PM WST
Build Host: sardine.nssg.mitel.com


whereas a fresh 6.0 (+sp4) produces

Name        : e-smith-mailfront
Version     : 1.3.0                             Release     : 11
Build Date: Thu 11 Sep 2003 06:06:30 AM WST
Install date: Sat 10 Jan 2004 07:51:05 AM WST
Build Host: sme60build.nssg.mitel.com

It looks as though upgrades didn't touch e-smith-mailfront, but that's just odd...
Also,just having the templates does nothing. The run command for 1.3.0 specifically runs runenv if it's available. 1.2.0 doesn't even know about it.

AFAIK Gordon Rowell is up to e-smith-mailfront 1.5.0 (and the matched mailfront 0.91-3es), but I can't find where I got them from