misc/76626: 460.status-mail-rejects shows destination domain
instead of source IP
Rusty Nejdl
rnejdl at ringofsaturn.com
Mon Jan 24 11:10:23 PST 2005
>Number: 76626
>Category: misc
>Synopsis: 460.status-mail-rejects shows destination domain instead of source IP
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Mon Jan 24 19:10:21 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator: Rusty Nejdl
>Release: 5.3
>Organization:
>Environment:
[tethys]:/home/rnejdl> uname -a
FreeBSD tethys.ringofsaturn.com 5.3-STABLE FreeBSD 5.3-STABLE #0: Sat Jan 22 10:38:22 CST 2005 root at tethys.ringofsaturn.com:/usr/obj/usr/src/sys/SATURN i386
[tethys]:/home/rnejdl>
>Description:
/usr/src/etc/periodic/daily/460.status-mail-rejects
Checking for rejected mail hosts:
25 atshaw.com (451... resolve)
24 EMAILHOSTER.COM (550... http://www.spamhaus.org/SBL)
22 cohesionventures.com (550... denied)
19 cohesionventures.com (550... server)
18 matronics.com (550... denied)
16 ringofsaturn.com (550... server)
15 atshaw.com (550... denied)
13 atshaw.com (550... server)
12 ringofsaturn.com (550... denied)
9 danicfinancial.com (451... resolve)
6 cohesionventures.com (553... Corporation)
5 ringofsaturn.com (553... Corporation)
5 cohesionventures.com (550... http://www.spamhaus.org/SBL)
5 atshaw.com (553... IP's)
4 emailhoster.com (550... denied)
4 ATSHAW.COM (550... http://www.spamhaus.org/SBL)
3 tethys.ringofsaturn.com (550... denied)
3 saturnconsulting.com (550... server)
3 saturnconsulting.com (550... denied)
3 cohesionventures.com (553... IP's)
3 atshaw.com (553... Corporation)
3 atshaw.com (553... Clients)
2 tethys.ringofsaturn.com (553... IP's)
2 ringofsaturn.com (553... IP's)
2 ringofsaturn.com (553... Brazil)
2 ringofsaturn.com (550... http://www.spamhaus.org/SBL)
2 emailhoster.com (550... server)
2 cohesionventures.com (553... #Spammer)
2 authentickungfudallas.com (550... server)
2 atshaw.com (553... Users)
1 ringofsaturn.com (553... exist)
1 ringofsaturn.com (550... 218.219.154.210)
1 ringofsaturn.com (550... 204.9.210.123)
1 ringofsaturn.com (451... resolve)
1 ringo.fsbusiness.co.uk (550... [61.11.26.142])
1 hydrolawn.com (553... IP's)
1 hydrolawn.com (550... server)
1 helixdfw.com (553... IP's)
1 emailhoster.com (553... IP's)
1 emailhoster.com (553... Brazil)
1 emailhoster.com (550... 64.14.48.142)
1 emailhoster.com (550... 64.14.48.133)
1 dinhglobal.com (550... server)
1 cohesionventures.com (553... users)
1 cohesionventures.com (553... exist)
1 cohesionventures.com (553... bounced.)
1 cohesionventures.com (553... Brazil)
1 authentickungfudallas.com (553... Spammer)
1 authentickungfudallas.com (553... Brazil)
1 authentickungfudallas.com (550... denied)
1 atshawdot.ca (550... [62.14.104.36])
1 atshawdot.ca (550... [61.11.26.142])
1 atshaw.dotca (550... [202.54.51.5])
1 atshaw.com (553... exist)
1 atshaw.com (553... Spammer)
1 atshaw.com (553... #Spammer)
This is a list of the destination domains. I want to see instead a list of the hosts that have been rejected.
>How-To-Repeat:
Simply execute the command with a default sendmail installation. Here's an example of a reject line:
Jan 24 12:58:17 tethys sm-mta[79791]: j0OIviDL079791: ruleset=check_rcpt, arg1=<atshaw at atshaw.com>, relay=[210.187.94.17], reject=550 5.7.1 <atshaw at atshaw.com>... Fix reverse DNS for 210.187.94.17,or use your ISP server
The relay should be shown by periodic script, not atshaw.com.
>Fix:
I have solved the problem using gawk, which isn't acceptible for normal installs as gawk is a port. However, perhaps this solution can be adapted to work correctly for the normal install.
[tethys]:/home/rnejdl> diff -u /etc/periodic/daily/460.status-mail-rejects /usr/src/etc/periodic/daily/460.status-mail-rejects
--- /etc/periodic/daily/460.status-mail-rejects Sun Oct 10 13:13:34 2004
+++ /usr/src/etc/periodic/daily/460.status-mail-rejects Mon Jan 24 12:55:07 2005
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $FreeBSD: src/etc/periodic/daily/460.status-mail-rejects,v 1.8.2.5 2002/05/13 21:36:44 brian Exp $
+# $FreeBSD: src/etc/periodic/daily/460.status-mail-rejects,v 1.16.4.1 2005/01/24 14:44:47 brian Exp $
#
# If there is a global system configuration file, suck it in.
@@ -32,57 +32,27 @@
echo
echo Checking for rejected mail hosts:
- # rc=$({
- # for f in `find /var/log -name maillog\* \
- # \( -mtime 1 -o -mtime 2 \) | xargs ls -tr`
- # do
- # case $f in
- # *.gz) zcat -fc $f;;
- # *.bz2) bzip2 -cd $f;;
- # *) cat $f;;
- # esac
- # done
- start=`date -v-1d '+%b %d' | sed 's/0\(.\)$/ \1/'`
+ start=`date -v-1d '+%b %e'`
n=$(($daily_status_mail_rejects_logs - 2))
rc=$({
while [ $n -ge 0 ]
- do
- if [ -f /var/log/maillog.$n ]
- then
- cat /var/log/maillog.$n
- elif [ -f /var/log/maillog.$n.gz ]
- then
- zcat -fc /var/log/maillog.$n.gz
- elif [ -f /var/log/maillog.$n.bz2 ]
- then
- bzcat -fc /var/log/maillog.$n.bz2
- fi
- n=$(($n - 1))
- done
- cat /var/log/maillog
- } | /usr/local/bin/gawk '
- BEGIN {
- today=systime();
- yesterday=strftime("%b %d", today-86400);
- today=strftime("%b %d", today);
- gsub(" 0", " ", today); gsub(" 0", " ", yesterday);
- }
- {
- relay=gensub("^" yesterday ".*, relay=([^,]+), reject=.*",
- "\\1", 1);
- if (relay != $0)
- rejects[relay]++;
- else if (match($0, "^" today))
- exit;
- }
- END {
- for (relay in rejects) {
- printf("%4d %s\n", rejects[relay], relay);
- total += rejects[relay];
- }
- if (total > 0)
- printf("%4d TOTAL\n", total);
- }' | sort -fnr | tee /dev/stderr | wc -l)
+ do
+ if [ -f /var/log/maillog.$n ]
+ then
+ cat /var/log/maillog.$n
+ elif [ -f /var/log/maillog.$n.gz ]
+ then
+ zcat -fc /var/log/maillog.$n.gz
+ elif [ -f /var/log/maillog.$n.bz2 ]
+ then
+ bzcat -fc /var/log/maillog.$n.bz2
+ fi
+ n=$(($n - 1))
+ done
+ cat /var/log/maillog
+ } |
+ sed -n -E "s/^$start"'.*ruleset=check_[^ ]+, +arg1=<?([^@]+@)?([^>,]+).*reject=([^ ]+) .* ([^ ]+)$/\2 (\3... \4)/p' |
+ sort -f | uniq -ic | sort -fnr | tee /dev/stderr | wc -l)
[ $rc -gt 0 ] && rc=1
fi;;
Exit 1
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list