Mailing List Archive

It might be worth you taking a look at
http://public.pacbell.net/dedicated/cidr.html which describes the CIDR
notation rather well.

Regards,
Paul

> -----Original Message-----
> From: Cory Daehn [mailto:cdaehn@pobox.com]
> Sent: 10 June 2002 02:44
> To: 'Suresh Ramasubramanian'; 'Exim-User (E-mail)'
> Subject: RE: [Exim] Re: Mail relay problems
>
>
> Chances are, most of my spam isn't going to come from a user
> on the SBC
> DSL/dialup class B block. It seems the majority of the spam I get and
> attempted spamming through my server seems to come from
> Russia, Germany,
> Korea, Taiwan, and Thailand. A lot of it has a return
> address ending in
> .cn but I really doubt China is allowing spammers to set up shop, and
> most of the returned mail to those addresses bounces.
>
> -----Original Message-----
> From: exim-users-admin@exim.org [mailto:exim-users-admin@exim.org] On
> Behalf Of Suresh Ramasubramanian
> Sent: Sunday, June 09, 2002 6:21 PM
> To: exim-users@exim.org
> Subject: [Exim] Re: Mail relay problems
>
>
> +++ Cory Daehn [exim-users] <09/06/02 18:01 -0500>:
> > On another note... How do I get exim to relay for an entire class B
> > domain? I have a client that uses SBC's DSL and they keep having
> > their
>
> Exim uses CIDR notation. 64.217.0.0/16 would be the way to
> go. [.hint:
> that part after the / is not the number of IPs ...]
>
> And if you would really want to do that instead of setting up
> AUTH, you
> might just as well configure yourself as an open relay.
>
> -srs
>
> --
>
> ## List details at
> http://www.exim.org/mailman/listinfo/exim-users Exim
> details at http://www.exim.org/ ##
>
>
>
>
>
> --
>
> ## List details at
> http://www.exim.org/mailman/listinfo/exim-users Exim details
> at http://www.exim.org/ ##
>

I actually found the RFC and read it. That was pretty explanatory
itself.

-----Original Message-----
From: Paul Walsh [mailto:Paul.Walsh@uce.ac.uk]
Sent: Monday, June 10, 2002 2:27 AM
To: 'Cory Daehn'; 'Exim-User (E-mail)'
Subject: RE: [Exim] Re: Mail relay problems


It might be worth you taking a look at
http://public.pacbell.net/dedicated/cidr.html which describes the CIDR
notation rather well.

Regards,
Paul

> -----Original Message-----
> From: Cory Daehn [mailto:cdaehn@pobox.com]
> Sent: 10 June 2002 02:44
> To: 'Suresh Ramasubramanian'; 'Exim-User (E-mail)'
> Subject: RE: [Exim] Re: Mail relay problems
>
>
> Chances are, most of my spam isn't going to come from a user
> on the SBC
> DSL/dialup class B block. It seems the majority of the spam I get and
> attempted spamming through my server seems to come from
> Russia, Germany,
> Korea, Taiwan, and Thailand. A lot of it has a return
> address ending in
> .cn but I really doubt China is allowing spammers to set up shop, and
> most of the returned mail to those addresses bounces.
>
> -----Original Message-----
> From: exim-users-admin@exim.org [mailto:exim-users-admin@exim.org] On
> Behalf Of Suresh Ramasubramanian
> Sent: Sunday, June 09, 2002 6:21 PM
> To: exim-users@exim.org
> Subject: [Exim] Re: Mail relay problems
>
>
> +++ Cory Daehn [exim-users] <09/06/02 18:01 -0500>:
> > On another note... How do I get exim to relay for an entire class B
> > domain? I have a client that uses SBC's DSL and they keep having
> > their
>
> Exim uses CIDR notation. 64.217.0.0/16 would be the way to
> go. [.hint:
> that part after the / is not the number of IPs ...]
>
> And if you would really want to do that instead of setting up
> AUTH, you
> might just as well configure yourself as an open relay.
>
> -srs
>
> --
>
> ## List details at
> http://www.exim.org/mailman/listinfo/exim-users Exim
> details at http://www.exim.org/ ##
>
>
>
>
>
> --
>
> ## List details at
> http://www.exim.org/mailman/listinfo/exim-users Exim details
> at http://www.exim.org/ ##
>

On Sun, Jun 09, 2002 at 06:45:38PM -0500, Derrick 'dman' Hudson wrote:
> On the positive side, I don't actually reject much junk anymore. I
> think my address must have been marked as bad on the spam lists since
> the spam couldn't get through :-).

Please let me know how you did this, I've been rejecting large amounts
of spam for at least a year, and I've seen no drop in the levels. Though
I am starting to see more coming to my role list-posting addresses.

But that's pretty easy to filter, I just send everything that doesn't come
from the list to those addresses to a spam folder.

MBM

--
Matthew Byng-Maddick <mbm@colondot.net> http://colondot.net/

On Sun, 9 Jun 2002, Cory Daehn wrote:

> On another note... How do I get exim to relay for an entire class B
> domain? I have a client that uses SBC's DSL and they keep having their
> IP change from one class C to another, but within the same class C.
> According to ARIN the entire class B block belongs to SBC
> Communications, and I'd like to just enable it from there. Same thing
> for University of Texas' dialup account IP's.


They have a /24, and it keeps changing? Thats insane..

>
> I tried this:
>
> 64.217.0.0/65536
>
> but it doesn't seem to be working... Any suggestions?

As someone else pointed out, /16 is what you want. This is CIDR
notation, in the event you wanted to google for documentation.

However, you might be better of setting up SMTP AUTH.

It is almost never a good idea to add networks that *YOU* do not
directly control/own to host_accept_relay.


> -----Original Message-----
> From: exim-users-admin@exim.org [mailto:exim-users-admin@exim.org] On
> Behalf Of Andy Coy
> Sent: Sunday, June 09, 2002 10:57 AM
> To: exim
> Subject: RE: [Exim] Re: Mail relay problems
>
>
> post# sendmail -bP host_accept_relay
> host_accept_relay =
> localhost:127.0.0.1:212.1.128.0/19:62.6.186.226:80.40/13:212.74.96.0/19:
> 212.
> 159.128.0/18:62.64.128.0/19:212.139.32.0/19:212.139.128.0/17:213.123.76.
> 0/23
> :62.7.125.0/24:62.7.126.0/24:62.7.127.0/24:80.225/16
> post#
>
> I think I have fixed most of it. At the end of the long list of IP's I
> added *.tiscali.com and suddenley it's started to relay. I beleive the
> problem to be down to the 'funky' DNS someone else mentioned earlier.
>
>
>
>
>
>
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim
> details at http://www.exim.org/ ##
>
>
>
>
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ##
>
>


--

On Sun, 9 Jun 2002, Cory Daehn wrote:

> So 16 is the bits? Should my Class C entries be /8 or /256?

Its the bits of the network, not the hosts.

So what you think of as a "Class C" is really a /24

Classed addresses are obsolete. Again, google for "CIDR"


This diagram might be helpful:

8 16 24 32
| | | |
255.255.255.255


If you had 10.0.0.0/8, thats 10.0.0.0 thru 10.255.255.255

If you had 10.0.0.0/24, thats 10.0.0.0 thru 10.0.0.255

But with CIDR, you dont have to just break on 8, 16, and 24.

You could also have, 10.0.0.0/9, which would be 10.0.0.0 thru
10.127.255.255

Or 10.0.0.0/12, 10.0.0.0 thru 10.240.255.255

Or 10.0.0.0/23, 10.0.0.0 thru 10.0.0.1.255.


>
> -----Original Message-----
> From: exim-users-admin@exim.org [mailto:exim-users-admin@exim.org] On
> Behalf Of Patrick Boutilier
> Sent: Sunday, June 09, 2002 6:19 PM
> To: exim-users
> Subject: Re: [Exim] Mail relay problems
>
>
> 64.217.0.0/16
>
>
> Cory Daehn wrote:
> > On another note... How do I get exim to relay for an entire class B
> > domain? I have a client that uses SBC's DSL and they keep having
> > their IP change from one class C to another, but within the same class
>
> > C. According to ARIN the entire class B block belongs to SBC
> > Communications, and I'd like to just enable it from there. Same thing
>
> > for University of Texas' dialup account IP's.
> >
> > I tried this:
> >
> > 64.217.0.0/65536
> >
> > but it doesn't seem to be working... Any suggestions?
> >
> >
>
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim
> details at http://www.exim.org/ ##
>
>
>
>
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ##
>
>


--

Andy,

Have you tried using 80.40.0.0/13 in your exim configure file instead of
80.40/13?





Andy Coy wrote:
> OK Chaps, this is it the full transcript of what happens. It says is host in
> host_accept_relay no. Host is id'd as 127.0.0.1, localhost. I added that to
> the config file and then stopped and restarted exim and it still does not
> work. It must be something to do with the config file. Should there be a
> space between IP'S and : such as 127.0.0.1 : 127.0.0.1 or as I have it
> 127.0.0.1:127.0.0.1. Or have I not understood the transcript properly and
> it's saying that 80.47.5.28 isn't in the host_accept_relay, it is as
> 80.40/13.
>
>
>
> listening on port 25...
> Connection request from 80.47.5.28
> 1 SMTP accept process running
> interface address = 212.1.130.77
> listening on port 25...
> host in rfc1413_hosts? yes (*)
> sender_fullhost = [80.47.5.28]
> sender_rcvhost = [80.47.5.28]
> Process 76186 is handling incoming connection from [80.47.5.28]
> host in host_lookup? yes (0.0.0.0/0)
> looking up host name for 80.47.5.28
> IP address lookup yielded dial-80-47-5-28.access.uk.tiscali.com
> Actual local interface address is 212.1.130.77
> Actual local interface address is 127.0.0.1
> dial-80-47-5-28.access.uk.tiscali.com 80.47.5.28 -1
> sender_fullhost = dial-80-47-5-28.access.uk.tiscali.com [80.47.5.28]
> sender_rcvhost = dial-80-47-5-28.access.uk.tiscali.com ([80.47.5.28])
> set_process_info: 76186 3.13 handling incoming connection from
> dial-80-47-5-28.access.uk.tiscali.com [80.47.5.28]
> host in host_reject? no (option unset)
> host in host_reject_recipients? no (option unset)
> host in sender_unqualified_hosts? no (option unset)
> host in receiver_unqualified_hosts? no (option unset)
> host in helo_verify? no (option unset)
> host in helo_accept_junk_hosts? no (option unset)
> 220 post.libertynet.co.uk ESMTP Exim 3.13 #6 Sat, 08 Jun 2002 15:38:11 +0100
> set_process_info: 76186 3.13 handling incoming connection from
> dial-80-47-5-28.access.uk.tiscali.com [80.47.5.28]
> ready for new message
> smtp_setup_msg entered
> SMTP<< HELO andy
> sender_fullhost = dial-80-47-5-28.access.uk.tiscali.com (andy) [80.47.5.28]
> sender_rcvhost = dial-80-47-5-28.access.uk.tiscali.com ([80.47.5.28]
> helo=andy)
> set_process_info: 76186 3.13 handling incoming connection from
> dial-80-47-5-28.access.uk.tiscali.com (andy) [80.47.5.28]
> 250 post.libertynet.co.uk Hello dial-80-47-5-28.access.uk.tiscali.com
> [80.47.5.28]
> SMTP<< MAIL FROM: <andy@cablecom.co.uk>
> andy@cablecom.co.uk in sender_reject? no (option unset)
> andy@cablecom.co.uk in sender_reject_recipients? no (option unset)
> 250 <andy@cablecom.co.uk> is syntactically correct
> SMTP<< RCPT TO: <andy.coy@virgin.net>
> search_open: mysql "NULL"
> search_find: file="NULL"
> key="SELECT DISTINCT domain FROM mail WHERE domain='virgin.net'"
> partial=-1
> LRU list:
> internal_search_find: file="NULL"
> type=mysql key="SELECT DISTINCT domain FROM mail WHERE
> domain='virgin.net'"
> database lookup required for SELECT DISTINCT domain FROM mail WHERE
> domain='virgin.net'
> MYSQL query: SELECT DISTINCT domain FROM mail WHERE domain='virgin.net'
> MYSQL new connection: host=localhost port=3306 database=**** user=*****
> password=*****
> MYSQL: no data found
> lookup failed
> virgin.net in local_domains? no (end of list)
> virgin.net in relay_domains? no (end of list)
> local host found for non-MX address
> localhost 127.0.0.1 -1
> host in host_accept_relay? no (end of list)
> 550 relaying to <andy.coy@virgin.net> prohibited by administrator
> LOG: 1 MAIN REJECT
> refused relay (host) to <andy.coy@virgin.net> from <andy@cablecom.co.uk>
> H=dial-80-47-5-28.access.uk.tiscali.com (andy) [80.47.5.28]
> SMTP<< QUIT
> 221 post.libertynet.co.uk closing connection
> child 76186 ended: status=0x0
>
> Andy Coy
> Home:01842 828716
> Work:01638 533019
> Mobile:07748 320312
> judge@cablecom.co.uk
>
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ##
>

That's why I always start with the most recent messages and work back.
;-)

Actually, SMTP Auth is a little too difficult for me to deal with.
(Remember, rule #1... People are stupid.) I had a hard enough time with
our customers after I switched to "ipless" virtual e-mail domains. They
had to change their mail server (in and out) to the new single name and
put an @domain at the end of their logon... That took about 2 weeks for
'em to figure out. After we sent them an E-mail a week before we did
it, and a fax the day of the change. Idiots.

I'd much rather have a setup that easily enables SMTP after POP3
automatically. But nobody has written a mail server with that
capability built in.... YET. It's just a nuisance to have to parse the
system logs all the time.

-----Original Message-----
From: Dave C. [mailto:djc@microwave.com]
Sent: Monday, June 10, 2002 7:48 AM
To: Cory Daehn
Cc: exim-users@exim.org
Subject: RE: [Exim] Mail relay problems


On Sun, 9 Jun 2002, Cory Daehn wrote:

> On another note... How do I get exim to relay for an entire class B
> domain? I have a client that uses SBC's DSL and they keep having
> their IP change from one class C to another, but within the same class

> C. According to ARIN the entire class B block belongs to SBC
> Communications, and I'd like to just enable it from there. Same thing

> for University of Texas' dialup account IP's.


They have a /24, and it keeps changing? Thats insane..

>
> I tried this:
>
> 64.217.0.0/65536
>
> but it doesn't seem to be working... Any suggestions?

As someone else pointed out, /16 is what you want. This is CIDR
notation, in the event you wanted to google for documentation.

However, you might be better of setting up SMTP AUTH.

It is almost never a good idea to add networks that *YOU* do not
directly control/own to host_accept_relay.


> -----Original Message-----
> From: exim-users-admin@exim.org [mailto:exim-users-admin@exim.org] On
> Behalf Of Andy Coy
> Sent: Sunday, June 09, 2002 10:57 AM
> To: exim
> Subject: RE: [Exim] Re: Mail relay problems
>
>
> post# sendmail -bP host_accept_relay
> host_accept_relay =
> localhost:127.0.0.1:212.1.128.0/19:62.6.186.226:80.40/13:212.74.96.0/1
> 9:
> 212.
>
159.128.0/18:62.64.128.0/19:212.139.32.0/19:212.139.128.0/17:213.123.76.
> 0/23
> :62.7.125.0/24:62.7.126.0/24:62.7.127.0/24:80.225/16
> post#
>
> I think I have fixed most of it. At the end of the long list of IP's I

> added *.tiscali.com and suddenley it's started to relay. I beleive the

> problem to be down to the 'funky' DNS someone else mentioned earlier.
>
>
>
>
>
>
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users
> Exim details at http://www.exim.org/ ##
>
>
>
>
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users
> Exim details at http://www.exim.org/ ##
>
>


--

On Mon, 10 Jun 2002, Cory Daehn wrote:

> I'd much rather have a setup that easily enables SMTP after POP3
> automatically. But nobody has written a mail server with that
> capability built in.... YET. It's just a nuisance to have to parse the
> system logs all the time.

if i take courier, as that's the one i know... it shouldn't take much
to stick one more module in that would do that perfectly, on its
own... say, one lil thingy after courierpop3login, and before
courierpop3d...


--
[-]

--
On Mon, Jun 10, 2002 at 02:52:45PM -0500, Cory Daehn wrote:

| Actually, SMTP Auth is a little too difficult for me to deal with.
| (Remember, rule #1... People are stupid.) I had a hard enough time with
| our customers after I switched to "ipless" virtual e-mail domains. They
| had to change their mail server (in and out) to the new single name and
| put an @domain at the end of their logon... That took about 2 weeks for
| 'em to figure out. After we sent them an E-mail a week before we did
| it, and a fax the day of the change. Idiots.

My school used to be an open relay (or mostly, if students had borked
systems). A while ago they changed to require SMTP AUTH (unless you
were coming from their own dial-up pool, which of course requires it's
own auth). I don't know how much trouble other people had, but the
only change was a popup in Netscape that asked for user/pass when
sending mail. They haven't backed down from it, so I suppose it must
not have been that bad.

| I'd much rather have a setup that easily enables SMTP after POP3
| automatically.

That's flaky at best. Suppose someone "pops", then gets disconnected,
and a spammer picks up that IP before your timeout.

| But nobody has written a mail server with that
| capability built in.... YET.

Probably because it is, by definition, unreliable.

-D

--

Your beauty should not come from outward adornment, such as braided hair
and the wearing of gold jewelry and fine clothes. Instead, it should be
that of your inner self, the unfading beauty of a gentle and quiet
spirit, which is of GREAT WORTH in God's sight. For this is the way the
holy women of the past used to make themselves beautiful.
I Peter 3:3-5

GnuPG key : http://dman.ddts.net/~dman/public_key.gpg

--
[ Content of type application/pgp-signature deleted ]
--

--
On Mon, Jun 10, 2002 at 09:11:40AM +0100, Matthew Byng-Maddick wrote:
| On Sun, Jun 09, 2002 at 06:45:38PM -0500, Derrick 'dman' Hudson wrote:
| > On the positive side, I don't actually reject much junk anymore. I
| > think my address must have been marked as bad on the spam lists since
| > the spam couldn't get through :-).
|
| Please let me know how you did this, I've been rejecting large amounts
| of spam for at least a year, and I've seen no drop in the levels.

What do you mean by "reject"?

Here's what I do :
1) require verify = header_syntax

This kills quite a bit of stuff at SMTP time. For example
To: <Mainly Millionaires>
(yeah, I'm a millionaire, can you believe it?)

2) A hodge-podge of ACL rejections. I reject a variety of
automatic virus warning messages and "read receipts" or
anything Content-Type: application/ms-tnef that comes from the
outhouse. These used to 'fail' in my system filter, but I've
moved a bunch of these up to the ACL level.

3) http://marc.merlins.org/linux/exim/sa.html

I permanently reject stuff over 10.0 and accept everything
else. I don't scan locally generated mail, already-scanned
mail, and certain From: addresses. I save all rejected
messages in a psuedo-maildir folder. (the directory it saves
to happens to work like a maildir folder because I made it
that way)

I think #3 is the real key, but #1 is a good sanity check in the first
place and #2 is just plain doable with no ill effects. I see "new"
messages in the reject folder when they arrive, and I check my
rejectlog periodically. When I first went live with sa-exim I saw
several messages a day hitting the junk pile. Now I see one or two.
The advantage is I reject the mail at SMTP time rather than creating a
bounce later. If you don't reject the mail, then the address is
"verified" and not likely to be removed from the spam lists.

| Though I am starting to see more coming to my role list-posting
| addresses.
|
| But that's pretty easy to filter, I just send everything that doesn't come
| from the list to those addresses to a spam folder.

That's an interesting trick. I only have one address and I use it for
everything. (except for exim-users, I still have that pointed to my
school address (which forwards to my main address) in case my server
becomes unusable again for some reason)

HTH,
-D

--

Be sure of this: The wicked will not go unpunished,
but those who are righteous will go free.
Proverbs 11:21

GnuPG key : http://dman.ddts.net/~dman/public_key.gpg

--
[ Content of type application/pgp-signature deleted ]
--