I noticed trouble receiving notification about watched topic.
It looks like my ISP antispam filter is in the way, they check
whether envelope address is valid:
2011-02-19 20:19:35.867544500 tcpserver: pid 13033 from 140.211.166.183
2011-02-19 20:19:35.870655500 tcpserver: ok 13033 :172.16.1.4:25 smtp.gentoo.org:140.211.166.183::54180
2011-02-19 20:19:37.120533500 Checking FROM address: apache@gentoo.org
2011-02-19 20:19:38.330841500 Invalid FROM address: apache@gentoo.org: no such user
Is this intentional? No one is handling bounces or other errors?
Notifications not received - invalid envelope source
Message
- cach0rr0
- Bodhisattva
- Posts: 4123
- Joined: Thu Nov 13, 2008 11:14 pm
- Location: Houston, Republic of Texas
your ISP is doing "sender callbacks"
it's a horribly bone-headed method of spam filtering, one that sends me into a pontificating tirade normally...but some people still do it. A good slapping trout is in order. This is what one does during a malicious DHA, not for a method of spam filtering.
Anyway, because your ISP is doing this, I wouldn't be surprised if they found themselves on one of the many DNS-based blacklists/RBL's. Trying to filter spam at the expense of harassing people's servers that may not have ever sent you anything in the first place, is a great way to end up blacklisted.
This method of spam filtering makes the stupid assumption that, if they try to send a RCPT command, and a remote host replies with a 550 (or well, 55x), it is doing so because the sending address is invalid. In the case where your ISP is on a common RBL, they will indeed receive a 550 when trying to send to a remote host that uses the RBL, and of course it has nothing to do with the validity of the user, and everything to do with the fact that they're generating backscatter.
I can't say whether or not this is what's going on, as I don't have my hands involved in the infrastructure piece of things, but it very much would not surprise me.
It's just...just a terrible method of content filtering, one that makes me visibly angry.
Further to that, I just ran a quick test to see if smtp.gentoo.org accepts e-mail to apache@gentoo.org
It does. Which would lead me to believe that indeed, your ISP has likely found themselves blacklisted for this horrendous method of "spam filtering" they've implemented.
sorry for my outburst 
but yeah, I'd ask your ISP to tell you its mail system's public IP, whereupon you can check the common RBL's and see if it's listed (no offense, I hope it IS blacklisted, anyone who implements this method needs to be blacklisted)
it's a horribly bone-headed method of spam filtering, one that sends me into a pontificating tirade normally...but some people still do it. A good slapping trout is in order. This is what one does during a malicious DHA, not for a method of spam filtering.
Anyway, because your ISP is doing this, I wouldn't be surprised if they found themselves on one of the many DNS-based blacklists/RBL's. Trying to filter spam at the expense of harassing people's servers that may not have ever sent you anything in the first place, is a great way to end up blacklisted.
This method of spam filtering makes the stupid assumption that, if they try to send a RCPT command, and a remote host replies with a 550 (or well, 55x), it is doing so because the sending address is invalid. In the case where your ISP is on a common RBL, they will indeed receive a 550 when trying to send to a remote host that uses the RBL, and of course it has nothing to do with the validity of the user, and everything to do with the fact that they're generating backscatter.
I can't say whether or not this is what's going on, as I don't have my hands involved in the infrastructure piece of things, but it very much would not surprise me.
It's just...just a terrible method of content filtering, one that makes me visibly angry.
Further to that, I just ran a quick test to see if smtp.gentoo.org accepts e-mail to apache@gentoo.org
It does. Which would lead me to believe that indeed, your ISP has likely found themselves blacklisted for this horrendous method of "spam filtering" they've implemented.
Code: Select all
# telnet smtp.gentoo.org 25
Trying 140.211.166.183...
Connected to smtp.gentoo.org.
Escape character is '^]'.
220 smtp.gentoo.org Gentoo ESMTP Mail Server
ehlo vpn.whitehathouston.com
250-smtp.gentoo.org
250-PIPELINING
250-SIZE 10240000
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
MAIL FROM:<test@vpn.whitehathouston.com>
250 2.1.0 Ok
RCPT TO:<apache@gentoo.org>
250 2.1.5 Ok
quit
221 2.0.0 Bye
Connection closed by foreign host.
but yeah, I'd ask your ISP to tell you its mail system's public IP, whereupon you can check the common RBL's and see if it's listed (no offense, I hope it IS blacklisted, anyone who implements this method needs to be blacklisted)
Looks like my ISP is not the only one doing this...
Looks like it was a temporary issue, my address is not listed in RBL.
Now it worked, and I find it *very interesting* that during my test a SMTP connection
was made and FROM address: double-bounce@gentoo.org pretended to send
message to my used FROM address
Now it worked, and I find it *very interesting* that during my test a SMTP connection
was made and FROM address: double-bounce@gentoo.org pretended to send
message to my used FROM address