Received-SPF: pass (Last token {+mx} (res=PASS)) client-ip=70.35.205.71; envelope-from=<lyle@lcrcomputer.info>; x-ip-name=ns3.lcrcomputer.net;
X-Received: from ns3.lcrcomputer.net (ns3.lcrcomputer.net [70.35.205.71])
by netwin.co.nz (SurgeMail 7.8b) with ESMTP (TLS) id 13483322-1391920
for <surgemail-list@netwin.co.nz>; Fri, 08 Mar 2024 00:43:36 +0000
X-Return-Path: lyle
X-Default-Received-SPF: pass (skip=loggedin (res=PASS)) x-ip-name=73.22.239.67; envelope-from=<lyle@lcrcomputer.info>;
X-Received: from mail3.lcrcomputer.net (unverified [73.22.239.67])
by ns3.lcrcomputer.net (SurgeMail 7.7i) with ESMTP (TLS) id 626545-1235687
for <surgemail-list@netwin.co.nz>; Fri, 08 Mar 2024 00:43:31 +0000
X-Return-Path: lyle
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lcrcomputer.info;
s=default; t=1709858612;
bh=QANAaH+zM+8uXY6kuRKyxj/gH6pwZoxxWZD1OvJVRM4=;
h=Date:To:From:Subject;
b=AMVgE6nKPxCTIFrkW00W2e1o8dgok6a2jJ7/BhHd1xcWlSg3yxcAfEbHY5cofuhXq
/26oAVjzkgvHhM5w7GVkQzezt2tOSXIlabzppIPTizIKulIs/hzygZ6b1u8LiJni8T
K89nWrF5k1ySctqjPVNFYAJYl84Q34qc2ywSN+a8=
X-Default-Received-SPF: pass (skip=forwardok (res=PASS)) x-ip-name=192.168.250.160; envelope-from=<lyle@lcrcomputer.info>;
X-Received: from [192.168.250.160] (unverified [192.168.250.160])
by mail3.lcrcomputer.net (SurgeMail 7.7i) with ESMTP (TLS) id 384280-1794114
for <surgemail-list@netwin.co.nz>; Thu, 07 Mar 2024 18:43:31 -0600
X-Return-Path: lyle
Message-ID: <d3c67d75-fc03-43ea-973f-30ce90877fbd@lcrcomputer.info>
Date: Thu, 7 Mar 2024 18:43:31 -0600
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Content-Language: en-US
To: surgemail-list@netwin.co.nz
From: Lyle Giese
Subject: [SurgeMail List] Bad mx record
Content-Transfer-Encoding: 8bit
X-X-Authenticated-User: lyle@lcrcomputer.com
X-X-Qnum: 626545
X-X-Authenticated-User: auth_admin@ns3.lcrcomputer.net
X-Originating-IP: 70.35.205.71
X-Country: code=US country="United States" ip=70.35.205.71
X-Qnum: 13483322
X-ORBS-Accept: dnswl_none
X-Rcpt-To: <surgemail-list@netwin.co.nz>
X-SpamDetect: **************: 14.2 sd=14.2 NoRule 0.99(S_jp) 0.99(SURBL) 0.04(X-myrbl:Color=white) 0.95(X-MyUrl:black) 0.90(X-Phrase:isspam) 0.80(SPF Negate) 0.36(X-Verify-Helo:+OK) 0.38(dkimok) 0.39(X-NotAscii:utf) 0.46(StandardTLD) 0.46(spfpass) 0.49(dnswl_none) 0.49(X-LangGuess:English) Nbetter 6.0 Saned 10.2 sanityx 13.3 Moved 10.2->13.3 Sval 13.3,rx:myrblwhite,rx:surbl
X-NotAscii: charset=utf-8;
X-Surbl: jp swallowwire.sa.com multi.surbl.org
X-LangGuess: English
X-MyUrl: Color=Black found=swallowwire.sa.com
X-Phrase: IsSpam score=1.00
X-Verify-Helo: +OK ns3.lcrcomputer.net
X-Dmarc: from=lyle@lcrcomputer.info dkim=Good known=True SPF=passed policy=none
Authentication-Results: netwin.co.nz header.from=lcrcomputer.info; dkim=pass (good signature)
X-Encryption: SSL encrypted
X-MyRbl: Color=White Age=188 Spam=0 Notspam=0 Stars=0 Good=7 Friend=2 Surbl=0 Catch=0 r=0 ip=70.35.205.71
X-IP-stats: Incoming Outgoing Last 50, First 1148, in=1064, out=120, spam=0 Known=true ip=70.35.205.71
List-Unsubscribe: <mailto:surgemail-list-leave@netwin.co.nz?subject=unsubscribe>
X-Mailing-List: surgemail-list@netwin.co.nz
List-ID: <surgemail-list@netwin.co.nz>
Precedence: bulk
Reply-To: surgemail-list@netwin.co.nz
Seeing many bad emails with bad DNS entries.
For example
swallowwire.sa.com
It has an A record but the MX record points to protection.outlook.com
which is an invalid host name, so Microsoft does not give back any ip
addresses for this host.
I am running a smart host that forwards to my mail server. My personal
mail server uses Clamav with the securite extra spam definations. This
is causing rejects from my personal mail server and it bounces the
email. Now my smart host is trying to send back the NDR to the sender.
This is where things go sideways. You have an MX record, but that does
not resolve to a valid host ip address. Now the NDR is stuck at the
smart host. I have some scripts that monitor the number of queued
messages and I get alerts because of the pileup in the message queue on
the smart host.
In addition there is a minor bug in Surgemail, when I deleted multiple
messages from the webadmin interface, Surgemail does not properly clear
the unsent yet count or the unsent yet-q count on the Status page.
Which is what I am monitoring to determine if there are too many
messages stuck in the queue.
Where do I go from here to stop this fine mess the spammers put me in?
Lyle Giese
|