LISTSERV - LSTSRV-L Archives - COMMUNITY.EMAILOGY.COM

LSTSRV-L Archives

LISTSERV Site Administrators' Forum

LSTSRV-L

	LISTSERV Archives
	LSTSRV-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives
Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Listserv emails refused by external servers, non-Listserv emails accepted
Bobby Kuo <[log in to unmask]>
Tue, 12 Nov 2002 18:53:56 -0500
TEXT/PLAIN (176 lines)
Hello,

I have been using Listserv without any problem for nearly two years now.
However, starting on 11/7/2002, emails sent via Listserv have been refused
by external servers. I am running Listserv Lite 1.8d on RedHat 7.2, and
sendmail 8.11.6.  I have not updated or patched anything on the system in
the past few months.

I first noticed a problem when I received an error report on 11/9/2002
from Listserv stating that all of the addresses on one of the lists had
transient non-fatal errors:

<---begin--->
| Date: Sat, 9 Nov 2002 11:55:32 -0500
| From: "L-Soft list server at moukki (1.8d)" <[log in to unmask]>
| To: Bobby Kuo <[log in to unmask]>
| Subject: QUINCY: error report from MOUKKI.NET
|
| The enclosed message, found in the QUINCY mailbox and shown under the spool ID
| 44358 in  the system  log, has  been identified as  a possible  delivery error
| notice  for the  following reason:  "X-Report-Type:" field  found in  the mail
| header.
|
| ------------------------ Message in error (241 lines) -------------------------
| Received: from davenport0.moukki.net (davenport0 [192.168.0.200])
|         by moukki.net (8.11.6/8.11.6) with ESMTP id gA9GtWu31048
|         for <[log in to unmask]>; Sat, 9 Nov 2002 11:55:32 -0500
| Received: from localhost (localhost)
|         by moukki.net (8.11.6/8.11.6) id gA9GtVv31045;
|         Sat, 9 Nov 2002 11:55:32 -0500
| Date: Sat, 9 Nov 2002 11:55:32 -0500
| From: Mail Delivery Subsystem <[log in to unmask]>
| Message-Id: <[log in to unmask]>
| To: <[log in to unmask]>
| MIME-Version: 1.0
| Content-Type: multipart/report; report-type=delivery-status;
|         boundary="gA9GtVv31045.1036860932/moukki.net"
| Content-Transfer-Encoding: 8bit
| Subject: Warning: could not send message for past 4 hours
| Auto-Submitted: auto-generated (warning-timeout)
|
|
| This is a MIME-encapsulated message
|
| --gA9GtVv31045.1036860932/moukki.net
|
|     **********************************************
|     **      THIS IS A WARNING MESSAGE ONLY      **
|     **  YOU DO NOT NEED TO RESEND YOUR MESSAGE  **
|     **********************************************
|
| The original message was received at Sat, 9 Nov 2002 07:39:10 -0500
| from davenport0 [192.168.0.200]
|
|    ----- The following addresses had transient non-fatal errors -----
| <[log in to unmask]>
| <[log in to unmask]>
| <[log in to unmask]>
| <[log in to unmask]>
| <[log in to unmask]>
| <[log in to unmask]>
| <[log in to unmask]>
| <[log in to unmask]>
| <[log in to unmask]>
| <[log in to unmask]>
| <[log in to unmask]>
| <[log in to unmask]>
| <[log in to unmask]>
| <[log in to unmask]>
| <[log in to unmask]>
| <[log in to unmask]>
| <[log in to unmask]>
|
|    ----- Transcript of session follows -----
| <[log in to unmask]>... Deferred: Connection refused by dpw.com.
| <[log in to unmask]>... Deferred: Connection refused by earthlink.com.
| <[log in to unmask]>... Deferred: Connection refused by fas.harvard.edu.
| <[log in to unmask]>... Deferred: Connection refused by hotmail.com.
| <[log in to unmask]>... Deferred: Connection refused by itsa.ucsf.edu.
| <[log in to unmask]>... Deferred: Connection refused by mit.edu.
| <[log in to unmask]>... Deferred: Connection refused by partners.org.
| <[log in to unmask]>,<[log in to unmask]>,<[log in to unmask]>,<e
| [log in to unmask]>... Deferred: Connection refused by post.harvard.edu.
| <[log in to unmask]>... Deferred: Connection refused by ucsd.edu.
| <[log in to unmask]>,<[log in to unmask]>,<[log in to unmask]>,<email16
| @YAHOO.COM>,<[log in to unmask]>... Deferred: Connection refused by yahoo.com.
| Warning: message still undelivered after 4 hours
| Will keep trying until message is 5 days old
|    .
|    .
|    .
<---end--->

After looking in /var/log/maillog, I discovered that Listserv emails had
actually begun being refused on 11/7/2002:

<---begin--->
| Nov  7 16:45:35 davenport0 sendmail[26629]: gA7LjZu26629: from=<>, size=1506, class=0, nrcpts=1, msgid=<[log in to unmask]>, proto=ESMTP, daemon=MTA, relay=davenport0 [192.168.0.200]
| Nov  7 16:45:35 davenport0 sendmail[26631]: gA7LjZu26629: to=<[log in to unmask]>, delay=00:00:00, xdelay=00:00:00, mailer=esmtp, pri=31506, relay=vm.se.lsoft.com. [24.147.1.10], dsn=4.0.0, stat=Deferred: Connection refused by vm.se.lsoft.com.
| Nov  7 16:55:31 davenport0 sendmail[26653]: gA7LjZu26629: to=<[log in to unmask]>, delay=00:09:56, xdelay=00:00:00, mailer=esmtp, pri=121506, relay=vm.se.lsoft.com. [24.147.1.10], dsn=4.0.0, stat=Deferred: Connection refused by vm.se.lsoft.com.
| Nov  7 17:55:31 davenport0 sendmail[26766]: gA7LjZu26629: to=<[log in to unmask]>, delay=01:09:56, xdelay=00:00:00, mailer=esmtp, pri=211506, relay=vm.se.lsoft.com. [24.147.1.10], dsn=4.0.0, stat=Deferred: Connection refused by vm.se.lsoft.com.
|    .
|    .
|    .
| Nov 12 16:55:32 davenport0 sendmail[23562]: gA7LjZu26629: to=<[log in to unmask]>, delay=5+00:09:57, xdelay=00:00:00, mailer=esmtp, pri=10921506, relay=vm.se.lsoft.com., dsn=4.0.0, stat=Deferred: Connection refused by vm.se.lsoft.com.
| Nov 12 16:55:32 davenport0 sendmail[23562]: gA7LjZu26629: gACLtVv23562: postmaster notify: Cannot send message for 5 days
<---end--->

and

<---begin--->
| Nov  7 23:00:01 davenport0 sendmail[27270]: gA8400u27270: from=<>, size=306, class=0, nrcpts=1, msgid=<[log in to unmask]>, proto=ESMTP, daemon=MTA, relay=davenport0 [192.168.0.200]
| Nov  7 23:00:01 davenport0 sendmail[27272]: gA8400u27270: to=<[log in to unmask]>, delay=00:00:00, xdelay=00:00:00, mailer=esmtp, pri=30306, relay=swgate.lsoft.com. [24.147.1.10], dsn=4.0.0, stat=Deferred: Connection refused by swgate.lsoft.com.
|    .
|    .
|    .
| Nov 12 16:55:32 davenport0 sendmail[23562]: gA8400u27270: to=<[log in to unmask]>, delay=4+17:55:31, xdelay=00:00:00, mailer=esmtp, pri=10290306, relay=swgate.lsoft.com., dsn=4.0.0, stat=Deferred: Connection refused by swgate.lsoft.com.
<---end--->

and many other Listserv maintenance emails.

I found two other emails that were being refused which made me suspect
that perhaps spammers were using my system as an open relay, since I
didn't recognize either email address:

<---begin--->
| Nov  8 06:19:24 davenport0 sendmail[28333]: gA8BJOu28333: from=<>, size=258, class=0, nrcpts=1, msgid=<[log in to unmask]>, proto=ESMTP, daemon=MTA, relay=davenport0 [192.168.0.200]
| Nov  8 06:19:24 davenport0 sendmail[28335]: gA8BJOu28333: to=<[log in to unmask]>, delay=00:00:00, xdelay=00:00:00, mailer=esmtp, pri=30258, relay=bankinter.es. [24.147.1.10], dsn=4.0.0, stat=Deferred: Connection refused by bankinter.es.
|    .
|    .
|    .
| Nov 12 16:55:32 davenport0 sendmail[23562]: gA8BJOu28333: to=<[log in to unmask]>, delay=4+10:36:08, xdelay=00:00:00, mailer=esmtp, pri=9660258, relay=bankinter.es., dsn=4.0.0, stat=Deferred: Connection refused by bankinter.es.
<---end--->

and

<---begin--->
| Nov 10 17:31:34 davenport0 sendmail[9032]: gAAMVYu09032: from=<>, size=486, class=0, nrcpts=1, msgid=<[log in to unmask]>, proto=ESMTP, daemon=MTA, relay=davenport0 [192.168.0.200]
| Nov 10 17:31:34 davenport0 sendmail[9034]: gAAMVYu09032: to=<[log in to unmask]>, delay=00:00:00, xdelay=00:00:00, mailer=esmtp, pri=30486, relay=aol.com. [24.147.1.10], dsn=4.0.0, stat=Deferred: Connection refused by aol.com.
|    .
|    .
|    .
| Nov 12 16:55:32 davenport0 sendmail[23562]: gAAMVYu09032: to=<[log in to unmask]>, delay=1+23:23:58, xdelay=00:00:00, mailer=esmtp, pri=4350486, relay=aol.com. [24.147.1.10], dsn=4.0.0, stat=Deferred: Connection refused by aol.com.
<---end--->

However, I checked my sendmail configuration via abuse.net's open relay
testing tool and verified that my machine was not relaying outside email.
I thought it might be a sendmail problem, but email sent from my server
but not through listserv was getting through fine:

<---begin--->
| Nov 11 08:01:00 davenport0 sendmail[10628]: gABD10l10628: from=bkuo, size=173, class=0, nrcpts=1, msgid=<[log in to unmask]>, relay=bkuo@localhost
| Nov 11 08:01:01 davenport0 sendmail[10631]: gABD10l10628: [log in to unmask], ctladdr=bkuo (500/500), delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=30173, relay=mx1.mail.yahoo.com. [64.157.4.83], dsn=2.0.0, stat=Sent (ok dirdel)
<---end--->

So I looked through /home/listserv/listserv.log and found:

<---begin--->
| 8 Nov 2002 06:19:24 From [log in to unmask]: X-FOR FWDED=2 [log in to unmask] QUERY LO
| 8 Nov 2002 06:19:24 To   [log in to unmask]: You are not subscribed to the LO list.
| 8 Nov 2002 06:19:24 Sent information mail to [log in to unmask]
| 10 Nov 2002 17:31:34 From [log in to unmask]: X-FOR FWDED=2 [log in to unmask] SUBSCRIBE madness
| 10 Nov 2002 17:31:34 To   [log in to unmask]: Please type your name after the name  of the list, as in: "SUBSCRIBE MADNESS (...)
| 10 Nov 2002 17:31:34 Sent information mail to [log in to unmask]
<---end--->

So the two "non" Listserv emails that were being refused actually turned
out to be sent from Listserv after all.

Mails sent from Listserv and the sendmail retries of email originating
from Listserv continue to be refused.  Does anyone have any ideas what the
problem might be?

Thanks,
Bob
ATOM RSS1 RSS2
COMMUNITY.EMAILOGY.COM