[Server issue, not book!] Can't email any address at lfs.org anymore

[bryan@linuxfromscratch.org]

This is the only way I can contact anyone at LFS (see below); I really hate to use the ticketing system to do this, but I have no choice.

Up through last Friday, I was able to send mail to any of the LFS mailing lists just fine.

Today, I tried sending a mail to lfs-dev, and it got bounced because the SORBS_DUL score was 5.0, because I was sending directly from a "dial-up" account. (Actually it's DSL, but whatever.) This is the way I've been sending mail to this list for the last two years (directly from a dynamic address), and it's never cared before last weekend. (The NJABL score on that mail was also 1.7, but that's not enough to bounce the message; the limit is set to 5.0.)

I later tried sending something to Gerard directly, to see if I could find out what happened, but apparently SA is running on every mail that gets received by any address at LFS.org. So that mail got bounced as well, which means I can't send a message to *any* address on your server. I still have the bounce messages if they would help for anything, but I don't have any way to send them to an LFS server, so maybe they're worthless.

It looks like someone changed the spamassassin settings last weekend to increase the "spam weight" that gets assigned when someone shows up in SORBS, or something. (Not that that helped the count of bounce messages that are showing up on the hints list or anything...) Is there any way that change could be reverted, so I can mail the list again? Or can I be told why this change was made at least? Not that I'll be able to respond except through this ticket (or a non-lfs.org address if someone tells me to send to that address).

(For the general reason I refuse to use blacklists at all myself, see ​http://www.paulgraham.com/falsepositives.html and ​http://www.paulgraham.com/spamhausblacklist.html -- but that's a separate issue.)

(Copying Gerard because his address is the "contact me if this spam classification is an error" in the bounce message.)

Thanks.

[DJ Lucas]

Same problem here. Rating messages 6.7. My server uses SWBell for a smarthost...actually no logic at all, it just passes everything there. I also tried my local dialup ISP with no luck. Here is SA's analysis:

Content analysis details: (6.7 points, 5.0 required)

pts rule name description

---

0.1 FORGED_RCVD_HELO Received: contains a forged HELO 5.0 RCVD_IN_SORBS_DUL RBL: SORBS: sent directly from dynamic IP address

[68.91.213.99 listed in dnsbl.sorbs.net]

1.7 RCVD_IN_NJABL_DUL RBL: NJABL: dialup sender did non-local SMTP

[68.91.213.99 listed in combined.njabl.org]

Also I found interesting is this in the headers:

Received: by smtp.linuxfromscratch.org (Postfix, from userid 108) id 8B5AC27BA; Mon, 10 Apr 2006 23:34:55 -0600 (MDT) Received: from localhost by belgarath.linuxfromscratch.org with SpamAssassin (version 3.0.2); Mon, 10 Apr 2006 23:34:55 -0600

localhost seems a little odd there. Tested smarthost, here is the return from another account that's not bouncing them:

Return-Path: <dj@…> Received: from smtp113.sbc.mail.mud.yahoo.com ([68.142.198.212])

by summerfield.mail.atl.earthlink.net (EarthLink SMTP Server) with SMTP id 1ftc0k5LL3Nl3rE1 for <luc4s1t@…>; Tue, 11 Apr 2006 02:05:32 -0400 (EDT)

Received: (qmail 25588 invoked from network); 11 Apr 2006 06:05:32 -0000 Received: from unknown (HELO pinski.lucasit.com) (lucasit@…@68.91.213.99 with plain)

by smtp113.sbc.mail.mud.yahoo.com with SMTP; 11 Apr 2006 06:05:32 -0000

Received: from [192.168.0.216] (dsl-189-178-rt2-bras.wnvl.centurytel.net [209.142.189.178])

(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by pinski.lucasit.com (Postfix) with ESMTP id C2B86AC8 for <LUC4S1T@…>; Tue, 11 Apr 2006 01:07:26 -0500 (CDT)

Hope some of that helps.

[bryan@linuxfromscratch.org]

Fixed via whitelist (for me at least); thanks!