Maybe Antispam DNS Blacklist not working

Use this forum if you have installed hMailServer and want to ask a question related to a production release of hMailServer. Before posting, please read the troubleshooting guide. A large part of all reported issues are already described in detail here.
Post Reply
HMailLover2015
New user
New user
Posts: 22
Joined: 2015-02-11 17:07

Maybe Antispam DNS Blacklist not working

Post by HMailLover2015 » 2020-05-06 19:38

Was looking through some posts and noticed that some people talk about log entries when incoming mail is checked against antispam blacklists. I am not seeing these sort of entries in my logs for the DNS Blacklists. All I see is

Code: Select all

Spam test: SpamTestDNSBlackLists, Score: 0
Shouldn't there be entries for each blacklist checked?

Thanks

HMailLover2015
New user
New user
Posts: 22
Joined: 2015-02-11 17:07

Re: Maybe Antispam DNS Blacklist not working

Post by HMailLover2015 » 2020-05-06 20:56

Addition. Should have put in the original post - even with all logging enabled, I see no entries for Blacklist lookups. Only SURBL entries but nothing for the three configured DNSBL - sorbs, spamcop and spamhaus

User avatar
jimimaseye
Moderator
Moderator
Posts: 10060
Joined: 2011-09-08 17:48

Re: Maybe Antispam DNS Blacklist not working

Post by jimimaseye » 2020-05-06 23:41

Pay a full log excerpt of a message needing received and processed to delivery where you think the entries should be appearing. Also run this and post the results: https://www.hmailserver.com/forum/viewt ... 20&t=30914.

[Entered by mobile. Excuse my spelling.]
5.7 on test.
SpamassassinForWindows 3.4.0 spamd service
AV: Clamwin + Clamd service + sanesecurity defs : https://www.hmailserver.com/forum/viewtopic.php?f=21&t=26829

HMailLover2015
New user
New user
Posts: 22
Joined: 2015-02-11 17:07

Re: Maybe Antispam DNS Blacklist not working

Post by HMailLover2015 » 2020-05-07 01:45

Here is the output

Code: Select all

[code]2020-05-06   Hmailserver: 5.6.6-B2383

DOMAINS

   "Domain1.com" - amxxxxxxxxxxxxxxx.com          Enabled: False

   "Domain2.com" - caxxxxxxxxxxxxxxxx.orx         Enabled: False

   "Domain3.com" - jxxxxxxxxxxxxx.com             Enabled: True

SIGNATURE         LIMITS                       DKIM               ADVANCED
  Enabled: False   Max size:                0   Enabled: True    
                   Max message size:        0   Header:   Relaxed  Plus addressing: False
                   Max size of accounts:    0   Body:     Relaxed
                                                Algorithm: SHA256  Greylisting: !! ENABLED BUT NOT ACTIVATED!! 
                                                Private key: c:\program files\hmailserver\data\dkim.Domain3.com.pem
                                                Selector:    dkim

   "Domain4.com" - jxxxxxxxxxxxxx.net             Enabled: True

SIGNATURE         LIMITS                       DKIM               ADVANCED
  Enabled: False   Max size:                0   Enabled: True    
                   Max message size:        0   Header:   Relaxed  Plus addressing: False
                   Max size of accounts:    0   Body:     Relaxed
                                                Algorithm: SHA256  Greylisting:     False
                                                Private key: c:\program files\hmailserver\data\dkim.Domain4.com.pem
                                                Selector:    dkim

   "Domain5.com" - jxxxxxxxx.com                  Enabled: True

SIGNATURE         LIMITS                       DKIM               ADVANCED
  Enabled: False   Max size:                0   Enabled: True    
                   Max message size:        0   Header:   Relaxed  Plus addressing: False
                   Max size of accounts:    0   Body:     Relaxed
                                                Algorithm: SHA256  Greylisting:     False
                                                Private key: c:\program files\hmailserver\data\dkim.Domain5.com.pem
                                                Selector:    dkim

   "Domain6.com" - maxxxxxxxx.xxxx.cx              Enabled: True

SIGNATURE         LIMITS                       DKIM               ADVANCED
  Enabled: False   Max size:                0   Enabled: False   
                   Max message size:        0                      Plus addressing: False
                   Max size of accounts:    0                    
                                                                   Greylisting:     False

   "Domain7.com" - texxxxxxxxxxxxxxxx.net         Enabled: True

SIGNATURE         LIMITS                       DKIM               ADVANCED
  Enabled: False   Max size:                0   Enabled: False   
                   Max message size:        0                      Plus addressing: False
                   Max size of accounts:    0                    
                                                                   Greylisting: !! ENABLED BUT NOT ACTIVATED!! 

   "Domain8.com" - texxxxxxxxxxxxxxxxx.net        Enabled: True

SIGNATURE         LIMITS                       DKIM               ADVANCED
  Enabled: False   Max size:                0   Enabled: True    
                   Max message size:        0   Header:   Relaxed  Plus addressing: False
                   Max size of accounts:    0   Body:     Relaxed
                                                Algorithm: SHA256  Greylisting:     False
                                                Private key: c:\program files\hmailserver\data\dkim.Domain8.com.pem
                                                Selector:    dkim

   "Domain9.com" - waxxxxxxxxxxxxxxxxx.com        Enabled: True

SIGNATURE         LIMITS                       DKIM               ADVANCED
  Enabled: False   Max size:                0   Enabled: False   
                   Max message size:        0                      Plus addressing: False
                   Max size of accounts:    0                    
                                                                   Greylisting:     False
-----------------------------------------------------------------------------------------------

IP RANGES

IP: 127.0.0.1 - 127.0.0.1     Priority: 15     Name: My Computer

  Allow connections                         Other
     SMTP:   True                              Antispam :   True
     POP3:   True                              Antivirus:   True !! ANTIVIRUS NOT CONFIGURED !!
     IMAP:   True                              SSL/TLS:    False

  Allow Deliveries from                     Require Authentication from
     Local To Local       -  True              Local To Local       - False
     Local To External    -  True              Local To External    -  True
     External To Local    -  True              External To Local    - False
     External To External -  True              External To External -  True


IP: 0.0.0.0 - 255.255.255.255     Priority: 10     Name: Internet

  Allow connections                         Other
     SMTP:   True                              Antispam :   True
     POP3:   True                              Antivirus:   True !! ANTIVIRUS NOT CONFIGURED !!
     IMAP:   True                              SSL/TLS:    False

  Allow Deliveries from                     Require Authentication from
     Local To Local       -  True              Local To Local       - False
     Local To External    -  True              Local To External    -  True
     External To Local    -  True              External To Local    - False
     External To External -  True              External To External -  True


------------------------------------------------------
AUTOBANNED Local Addresses:
    No entries

-----------------------------------------------------------------------------------------------

AUTOBAN
  Autoban Enabled: True       Max invalid logon attempts:      1
                              Minutes Before Reset:        10080  (168.00 hours, 7.00 days)
                              Minutes to Autoban:          10080  (168.00 hours, 7.00 days)

There is a total of 218 auto-ban IP ranges.
-----------------------------------------------------------------------------------------------

INCOMING RELAYS
                    0.0.0.0          -   255.255.255.255
-----------------------------------------------------------------------------------------------

MIRRORING         mailmirror@Domain4.com
-----------------------------------------------------------------------------------------------

PROTOCOLS

SMTP
GENERAL             DELIVERY                  RFC COMPLIANCE            ADVANCED
No. Connections:100  No Retries:168 Mins: 60   Plain Text:        False  Bind: 
                     Host: Domain6.com         Empty sender:       True  Batch recipients:   100
Max Msg Size:500000  Relay:-                   Incorrect endings:  True  Use STARTTLS:      True
                      EXTERNAL.TLD  (ok)       Disc. on invalid:   True  Delivered-To hdr: False
                     Port: 587                 Max number commands: 100  Loop limit:           5
                     Req Auth: True *User Entered*                       Recipient hosts:     15
                     Con. Sec.: StartTLS Optional
  Routes:
     No routes defined.

POP3
  No. Connections: 50

IMAP
 GENERAL                   PUBLIC FOLDERS                    ADVANCED
  No. Connections: 300      Public folder name: #Public       IMAP sort:  True
                                                              IMAP Quota: True
                                                              IMAP Idle:  True
                                                              IMAP ACL:   True
                                                              Delim: "."
-----------------------------------------------------------------------------------------------

ANTISPAM

GENERAL                              SPAM TESTS              Score   SPAMASSASSIN
  Spam Mark:                  2       Use SPF:            True - 3    Use Spamassassin:   False
  Add X-HmailServer-Spam:     True    Check HELO host:    True - 2
  Add X-HmailServer-Reason:   True    Check MX records:   True - 2
  Add X-HmailServer-Subject:  True    Verify DKIM:        True - 5
              Subject Text: "[SPAM]"
  Spam delete threshold: 1000         Maximum message size: 9999

DNSBL ENTRIES:
                   dnsbl.sorbs.net      Score: 3     Result: 127.0.0.2-14
                   bl.spamcopy.net      Score: 3     Result: 127.0.0.2
                  zen.spamhaus.org      Score: 3     Result: 127.0.0.2-11

SURBL ENTRIES:
                   multi.surbl.org      Score: 3

GREYLISTING:
  Greylisting:  False

WHITELISTING
   No entries
-----------------------------------------------------------------------------------------------

ANTIVIRUS:  No application configured.

  Block Attachments: True
               *.bat             Batch processing file
               *.cmd             Command file for Windows NT
               *.com             Command
               *.cpl             Windows Control Panel extension
               *.csh             CSH script
               *.exe             Executable file
               *.inf             Setup file
               *.lnk             Windows link file
               *.msi             Windows Installer file
               *.msp             Windows Installer patch
               *.reg             Registration key
               *.scf             Windows Explorer command
               *.scr             Windows Screen saver
-----------------------------------------------------------------------------------------------

SSL CERTIFICATES
   Mxxxxxxx.xxxxx.CX
       Certificate: C:\OpenSSL-Win32\bin\mxxxx.cert
       Private key: C:\OpenSSL-Win32\bin\mxxxx.key
-----------------------------------------------------------------------------------------------

SSL/TLS
             SSL 3.0 :   True
             TLS 1.0 :   True
             TLS 1.1 :   True
             TLS 1.2 :   True                Verify Remote SSL/TLS Certs:   True
SslCipherList  :

ECDHE-RSA-AES128-GCM-SHA256     - ECDHE-ECDSA-AES128-GCM-SHA256   - ECDHE-RSA-AES256-GCM-SHA384     
ECDHE-ECDSA-AES256-GCM-SHA384   - DHE-RSA-AES128-GCM-SHA256       - DHE-DSS-AES128-GCM-SHA256       
kEDH+AESGCM                     - ECDHE-RSA-AES128-SHA256         - ECDHE-ECDSA-AES128-SHA256       
ECDHE-RSA-AES128-SHA            - ECDHE-ECDSA-AES128-SHA          - ECDHE-RSA-AES256-SHA384         
ECDHE-ECDSA-AES256-SHA384       - ECDHE-RSA-AES256-SHA            - ECDHE-ECDSA-AES256-SHA          
DHE-RSA-AES128-SHA256           - DHE-RSA-AES128-SHA              - DHE-DSS-AES128-SHA256           
DHE-RSA-AES256-SHA256           - DHE-DSS-AES256-SHA              - DHE-RSA-AES256-SHA              
AES128-GCM-SHA256               - AES256-GCM-SHA384               - ECDHE-RSA-RC4-SHA               
ECDHE-ECDSA-RC4-SHA             - AES128                          - AES256                          
RC4-SHA                         - HIGH                            - !aNULL                          
!eNULL                          - !EXPORT                         - !DES                            
!3DES                           - !MD5                            - !PSK;                           
-----------------------------------------------------------------------------------------------

TCPIP PORTS                                         Connection Sec
               0.0.0.0         / 25    / SMTP   -   None                
               0.0.0.0         / 110   / POP3   -   None                
               0.0.0.0         / 143   / IMAP   -   None                
               0.0.0.0         / 500   / SMTP   -   SSL/TLS             Cert:  Mxxxxxxx.xxxxx.CX
               0.0.0.0         / 587   / SMTP   -   None                
               0.0.0.0         / 993   / IMAP   -   SSL/TLS             Cert:  Mxxxxxxx.xxxxx.CX
-----------------------------------------------------------------------------------------------

LOGGING      Logging Enabled: True

  Paths:-
    Current:  C:\Program Files\hMailServer\Logs\hmailserver_2020-05-06.log
    Error:    C:\Program Files\hMailServer\Logs\ERROR_hmailserver_2020-05-06.log
    Event:    C:\Program Files\hMailServer\Logs\hmailserver_events.log - Last Event: 2020/05/06
    Awstats:  C:\Program Files\hMailServer\Logs\hmailserver_awstats.log
                        APPLICATION -    True
                        SMTP        -    True
                        POP3        -      .
                        IMAP        -      .
                        TCPIP       -    True
                        DEBUG       -    True
                        AWSTATS     -      .
-----------------------------------------------------------------------------------------------

SYSTEM TESTS

Database type: MySQL

IPv6 support is not available in operating system.

Backup directory C:\xxxxx is writable.

ERROR: Full paths are stored in the database.

-----------------------------------------------------------------------------------------------

HMAILSERVER.INI

[Directories]
Program folder:  C:\Program Files\hMailServer\
Database folder: 
Data folder:     C:\Program Files\hMailServer\Data
Log folder:      C:\Program Files\hMailServer\Logs
Temp folder:     C:\Program Files\hMailServer\Temp
Event folder:    C:\Program Files\hMailServer\Events

[Database]
Type=              MYSQL
Username=          root
PasswordEncryption=1
Port=              3306
Server=            192.168.2.99
Internal=          0
-----------------------------------------------------------------------------------------------

Generated by HMSSettingsDiagnostics v2.00, Hmailserver Forum.
[/code]

and a log entry

Code: Select all

"DEBUG"	712	"2020-05-06 19:17:00.773"	"Creating session 2080"
"TCPIP"	712	"2020-05-06 19:17:00.773"	"TCP - 45.142.182.53 connected to 192.168.2.99:25."
"DEBUG"	712	"2020-05-06 19:17:00.773"	"TCP connection started for session 2068"
"SMTPD"	712	2068	"2020-05-06 19:17:00.773"	"45.142.182.53"	"SENT: 220 Mxxxxxxx.xxxxx.CX ESMTP"
"SMTPD"	3888	2068	"2020-05-06 19:17:00.898"	"45.142.182.53"	"RECEIVED: EHLO jezqb.telegram.org"
"SMTPD"	3888	2068	"2020-05-06 19:17:00.898"	"45.142.182.53"	"SENT: 250-Mxxxxxxx.xxxxx.CX[nl]250-SIZE 500000000[nl]250-AUTH LOGIN[nl]250 HELP"
"SMTPD"	3232	2068	"2020-05-06 19:17:01.023"	"45.142.182.53"	"RECEIVED: MAIL FROM:<info@PK8AN.enterpriserentacar.ca>"
"SMTPD"	3232	2068	"2020-05-06 19:17:01.023"	"45.142.182.53"	"SENT: 250 OK"
"SMTPD"	3888	2068	"2020-05-06 19:17:01.148"	"45.142.182.53"	"RECEIVED: RCPT TO:<kxxxx@xxxx.com>"
"SMTPD"	3888	2068	"2020-05-06 19:17:01.164"	"45.142.182.53"	"SENT: 250 OK"
"SMTPD"	1896	2068	"2020-05-06 19:17:01.273"	"45.142.182.53"	"RECEIVED: DATA"
"SMTPD"	1896	2068	"2020-05-06 19:17:01.273"	"45.142.182.53"	"SENT: 354 OK, send."
"DEBUG"	712	"2020-05-06 19:17:01.398"	"Adding task AsynchronousTask to work queue Asynchronous task queue"
"DEBUG"	2484	"2020-05-06 19:17:01.398"	"Executing task AsynchronousTask in work queue Asynchronous task queue"
"DEBUG"	2484	"2020-05-06 19:17:01.398"	"Spam test: SpamTestDNSBlackLists, Score: 0"
"DEBUG"	2484	"2020-05-06 19:17:01.398"	"Spam test: SpamTestHeloHost, Score: 0"
"DEBUG"	2484	"2020-05-06 19:17:01.679"	"Spam test: SpamTestMXRecords, Score: 0"
"DEBUG"	2484	"2020-05-06 19:17:01.679"	"Spam test: SpamTestSPF, Score: 0"
"DEBUG"	2484	"2020-05-06 19:17:01.679"	"Total spam score: 0"
"DEBUG"	2484	"2020-05-06 19:17:01.679"	"SURBL: Execute"
"DEBUG"	2484	"2020-05-06 19:17:01.679"	"SURBL: Found URL: telegram.org"
"DEBUG"	2484	"2020-05-06 19:17:01.679"	"SURBL: Found URL: aptrk1.com"
"DEBUG"	2484	"2020-05-06 19:17:01.679"	"SURBL: Found URL: imgur.com"
"DEBUG"	2484	"2020-05-06 19:17:01.695"	"SURBL: 3 unique addresses found."
"DEBUG"	2484	"2020-05-06 19:17:01.695"	"SURBL: Lookup: aptrk1.com.multi.surbl.org"
"DEBUG"	2484	"2020-05-06 19:17:01.695"	"SURBL: Lookup: imgur.com.multi.surbl.org"
"DEBUG"	2484	"2020-05-06 19:17:01.695"	"SURBL: Lookup: telegram.org.multi.surbl.org"
"DEBUG"	2484	"2020-05-06 19:17:01.695"	"SURBL: Match not found"
"DEBUG"	2484	"2020-05-06 19:17:01.695"	"Spam test: SpamTestSURBL, Score: 0"
"DEBUG"	2484	"2020-05-06 19:17:01.695"	"Spam test: SpamTestDKIM, Score: 0"
"DEBUG"	2484	"2020-05-06 19:17:01.695"	"Total spam score: 0"
"DEBUG"	2484	"2020-05-06 19:17:01.695"	"Executing event OnAcceptMessage"
"DEBUG"	2484	"2020-05-06 19:17:01.695"	"Event completed"
"DEBUG"	2484	"2020-05-06 19:17:01.695"	"Saving message: {1D3505D6-8C9F-4DC3-B505-14D381B7C0CB}.eml"
"DEBUG"	2484	"2020-05-06 19:17:01.695"	"Requesting SMTPDeliveryManager to start message delivery"
"SMTPD"	2484	2068	"2020-05-06 19:17:01.695"	"45.142.182.53"	"SENT: 250 Queued (0.256 seconds)"
"DEBUG"	3540	"2020-05-06 19:17:01.695"	"Adding task DeliveryTask to work queue SMTP delivery queue"
"DEBUG"	3820	"2020-05-06 19:17:01.695"	"Executing task DeliveryTask in work queue SMTP delivery queue"
"DEBUG"	3820	"2020-05-06 19:17:01.695"	"Delivering message..."
"APPLICATION"	3820	"2020-05-06 19:17:01.695"	"SMTPDeliverer - Message 12168787: Delivering message from info@PK8AN.enterpriserentacar.ca to kxxxx@xxxx.com. File: C:\Program Files\hMailServer\Data\{1D3505D6-8C9F-4DC3-B505-14D381B7C0CB}.eml"
"DEBUG"	3820	"2020-05-06 19:17:01.695"	"Applying rules"
"DEBUG"	3820	"2020-05-06 19:17:01.695"	"Copying mail contents"
"DEBUG"	3820	"2020-05-06 19:17:01.695"	"Saving message: {7B17D3CB-DD22-4D6F-AD0A-DB29EF37D33A}.eml"
"DEBUG"	3820	"2020-05-06 19:17:01.695"	"Requesting SMTPDeliveryManager to start message delivery"
"DEBUG"	3820	"2020-05-06 19:17:01.695"	"Performing local delivery"
"DEBUG"	3540	"2020-05-06 19:17:01.711"	"Adding task DeliveryTask to work queue SMTP delivery queue"
"DEBUG"	1356	"2020-05-06 19:17:01.711"	"Executing task DeliveryTask in work queue SMTP delivery queue"
"DEBUG"	1356	"2020-05-06 19:17:01.711"	"Delivering message..."
"APPLICATION"	1356	"2020-05-06 19:17:01.711"	"SMTPDeliverer - Message 12168788: Delivering message from info@PK8AN.enterpriserentacar.ca to mxxxxxxx@xxxxxx.net. File: C:\Program Files\hMailServer\Data\{7B17D3CB-DD22-4D6F-AD0A-DB29EF37D33A}.eml"
"DEBUG"	1356	"2020-05-06 19:17:01.711"	"Applying rules"
"DEBUG"	1356	"2020-05-06 19:17:01.711"	"Performing local delivery"
"DEBUG"	1356	"2020-05-06 19:17:01.711"	"Applying rules"
"DEBUG"	1356	"2020-05-06 19:17:01.711"	"Saving message: {7B17D3CB-DD22-4D6F-AD0A-DB29EF37D33A}.eml"
"DEBUG"	1356	"2020-05-06 19:17:01.711"	"Local delivery completed"
"APPLICATION"	1356	"2020-05-06 19:17:01.711"	"SMTPDeliverer - Message 12168788: Message delivery thread completed."
"DEBUG"	3820	"2020-05-06 19:17:01.758"	"Applying rules"
"DEBUG"	3820	"2020-05-06 19:17:01.758"	"Saving message: {1D3505D6-8C9F-4DC3-B505-14D381B7C0CB}.eml"
"SMTPD"	3888	2068	"2020-05-06 19:17:01.820"	"45.142.182.53"	"RECEIVED: QUIT"
"SMTPD"	3888	2068	"2020-05-06 19:17:01.820"	"45.142.182.53"	"SENT: 221 goodbye"
"DEBUG"	3232	"2020-05-06 19:17:01.820"	"Ending session 2068"
"DEBUG"	3820	"2020-05-06 19:17:01.820"	"Local delivery completed"
"APPLICATION"	3820	"2020-05-06 19:17:01.820"	"SMTPDeliverer - Message 12168787: Message delivery thread completed."



User avatar
RvdH
Senior user
Senior user
Posts: 3235
Joined: 2008-06-27 14:42
Location: The Netherlands

Re: Maybe Antispam DNS Blacklist not working

Post by RvdH » 2020-05-07 08:31

HMailLover2015 wrote:
2020-05-06 19:38
Shouldn't there be entries for each blacklist checked?
No
CIDR to RegEx: d-fault.nl/cidrtoregex
DNS Lookup: d-fault.nl/dnstools
DKIM Generator: d-fault.nl/dkimgenerator
DNSBL Lookup: d-fault.nl/dnsbllookup
GEOIP Lookup: d-fault.nl/geoiplookup

User avatar
jimimaseye
Moderator
Moderator
Posts: 10060
Joined: 2011-09-08 17:48

Re: Maybe Antispam DNS Blacklist not working

Post by jimimaseye » 2020-05-07 09:57

Why do you have this? :

Code: Select all

-----------------------------------------------------------------------------------------------

INCOMING RELAYS
                    0.0.0.0          -   255.255.255.255
-----------------------------------------------------------------------------------------------
That effectively stops everything from being checked anyway. (It will always result in Zero).https://www.hmailserver.com/documentati ... omingrelay

Remove this setting and retry (unless you have a valid reason why you have set it in the first place).

[Entered by mobile. Excuse my spelling.]
5.7 on test.
SpamassassinForWindows 3.4.0 spamd service
AV: Clamwin + Clamd service + sanesecurity defs : https://www.hmailserver.com/forum/viewtopic.php?f=21&t=26829

User avatar
mattg
Moderator
Moderator
Posts: 22437
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: Maybe Antispam DNS Blacklist not working

Post by mattg » 2020-05-07 11:01

RvdH wrote:
2020-05-07 08:31
HMailLover2015 wrote:
2020-05-06 19:38
Shouldn't there be entries for each blacklist checked?
No
I get them as TCP/IP entries in 5.7

Code: Select all

"TCPIP"	66088	"2020-05-07 18:49:09.300"	"DNS lookup: xxx.xxx.xxx.xxx.bl.spamcop.net, 0 addresses found: (none), Match: False"
"TCPIP"	66088	"2020-05-07 18:49:09.600"	"DNS lookup: xxx.xxx.xxx.xxx.zen.spamhaus.org, 0 addresses found: (none), Match: False"
"TCPIP"	66088	"2020-05-07 18:49:10.129"	"DNS lookup: xxx.xxx.xxx.xxx.b.barracudacentral.org, 0 addresses found: (none), Match: False"
"TCPIP"	66088	"2020-05-07 18:49:10.425"	"DNS lookup: xxx.xxx.xxx.xxx.cbl.abuseat.org, 0 addresses found: (none), Match: False"
"TCPIP"	66088	"2020-05-07 18:49:11.020"	"DNS lookup: xxx.xxx.xxx.xxx.aspews.ext.sorbs.net, 0 addresses found: (none), Match: False"
"TCPIP"	66088	"2020-05-07 18:49:11.597"	"DNS lookup: xxx.xxx.xxx.xxx.dnsbl.sorbs.net, 0 addresses found: (none), Match: False"
"TCPIP"	66088	"2020-05-07 18:49:11.832"	"DNS lookup: xxx.xxx.xxx.xxx.ubl.unsubscore.com, 0 addresses found: (none), Match: False"
"TCPIP"	66088	"2020-05-07 18:49:11.864"	"DNS lookup: xxx.xxx.xxx.xxx.sbl.spamhaus.org, 0 addresses found: (none), Match: False"
"TCPIP"	66088	"2020-05-07 18:49:11.864"	"DNS lookup: xxx.xxx.xxx.xxx.sbl.spamhaus.org, 0 addresses found: (none), Match: False"
"TCPIP"	66088	"2020-05-07 18:49:13.068"	"DNS lookup: xxx.xxx.xxx.xxx.zz.countries.nerd.dk, 1 addresses found: 127.0.3.72, Match: False"
"TCPIP"	66088	"2020-05-07 18:49:13.630"	"DNS lookup: xxx.xxx.xxx.xxx.hostkarma.junkemailfilter.com, 2 addresses found: 127.0.0.1, 127.0.1.1, Match: False"
"TCPIP"	66088	"2020-05-07 18:49:14.222"	"DNS lookup: xxx.xxx.xxx.xxx.all.bl.blocklist.de, 0 addresses found: (none), Match: False"
"TCPIP"	66088	"2020-05-07 18:49:14.488"	"DNS lookup: xxx.xxx.xxx.xxx.all.spamrats.com, 0 addresses found: (none), Match: False"
"TCPIP"	66088	"2020-05-07 18:49:15.066"	"DNS lookup: xxx.xxx.xxx.xxx.ix.dnsbl.manitu.net, 0 addresses found: (none), Match: False"
"TCPIP"	66088	"2020-05-07 18:49:15.347"	"DNS lookup: xxx.xxx.xxx.xxx.dnsbl-1.uceprotect.net, 0 addresses found: (none), Match: False"
"TCPIP"	66088	"2020-05-07 18:49:15.925"	"DNS lookup: xxx.xxx.xxx.xxx.torexit.dan.me.uk, 0 addresses found: (none), Match: False"
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

HMailLover2015
New user
New user
Posts: 22
Joined: 2015-02-11 17:07

Re: Maybe Antispam DNS Blacklist not working

Post by HMailLover2015 » 2020-05-07 17:21

jimimaseye wrote:
2020-05-07 09:57
Why do you have this? :

Code: Select all

-----------------------------------------------------------------------------------------------

INCOMING RELAYS
                    0.0.0.0          -   255.255.255.255
-----------------------------------------------------------------------------------------------
That effectively stops everything from being checked anyway. (It will always result in Zero).https://www.hmailserver.com/documentati ... omingrelay

Remove this setting and retry (unless you have a valid reason why you have set it in the first place).

[Entered by mobile. Excuse my spelling.]
It has been removed and now I see entries in the log for spam checking

Code: Select all

"DEBUG"	2612	"2020-05-07 11:15:44.148"	"Creating session 7175"
"TCPIP"	2612	"2020-05-07 11:15:44.148"	"TCP - 54.149.191.236 connected to 192.168.2.99:25."
"DEBUG"	2612	"2020-05-07 11:15:44.148"	"TCP connection started for session 7174"
"SMTPD"	2612	7174	"2020-05-07 11:15:44.148"	"54.149.191.236"	"SENT: 220 mxxxxxx.cx ESMTP"
"SMTPD"	3232	7174	"2020-05-07 11:15:44.273"	"54.149.191.236"	"RECEIVED: EHLO outbound-191-236.usw2.aws.post.pinterest.com"
"SMTPD"	3232	7174	"2020-05-07 11:15:44.289"	"54.149.191.236"	"SENT: 250-mxxxxxx.cx[nl]250-SIZE 500000000[nl]250-AUTH LOGIN[nl]250 HELP"
"SMTPD"	1896	7174	"2020-05-07 11:15:44.383"	"54.149.191.236"	"RECEIVED: MAIL FROM:<bounces-508132907865363009@notifications.pinterest.com>"
"TCPIP"	1896	"2020-05-07 11:15:48.101"	"DNS lookup: 236.191.149.54.dnsbl.sorbs.net, 0 addresses found: (none), Match: False"
"TCPIP"	1896	"2020-05-07 11:15:48.133"	"DNS lookup: 236.191.149.54.bl.spamcopy.net, 0 addresses found: (none), Match: False"
"TCPIP"	1896	"2020-05-07 11:15:48.180"	"DNS lookup: 236.191.149.54.zen.spamhaus.org, 0 addresses found: (none), Match: False"
"DEBUG"	1896	"2020-05-07 11:15:48.180"	"Spam test: SpamTestDNSBlackLists, Score: 0"
"DEBUG"	1896	"2020-05-07 11:15:48.289"	"Spam test: SpamTestHeloHost, Score: 0"
"DEBUG"	1896	"2020-05-07 11:15:48.351"	"Spam test: SpamTestMXRecords, Score: 0"
"DEBUG"	1896	"2020-05-07 11:15:48.492"	"Spam test: SpamTestSPF, Score: 0"
"DEBUG"	1896	"2020-05-07 11:15:48.492"	"Total spam score: 0"
"SMTPD"	1896	7174	"2020-05-07 11:15:48.492"	"54.149.191.236"	"SENT: 250 OK"
"SMTPD"	1896	7174	"2020-05-07 11:15:48.586"	"54.149.191.236"	"RECEIVED: RCPT TO:<ixxx@jxxxxxx.cxx>"
"SMTPD"	1896	7174	"2020-05-07 11:15:48.586"	"54.149.191.236"	"SENT: 250 OK"
"SMTPD"	712	7174	"2020-05-07 11:15:49.383"	"54.149.191.236"	"RECEIVED: DATA"
"SMTPD"	712	7174	"2020-05-07 11:15:49.383"	"54.149.191.236"	"SENT: 354 OK, send."
"DEBUG"	3888	"2020-05-07 11:15:49.695"	"Adding task AsynchronousTask to work queue Asynchronous task queue"
"DEBUG"	2484	"2020-05-07 11:15:49.695"	"Executing task AsynchronousTask in work queue Asynchronous task queue"
"DEBUG"	2484	"2020-05-07 11:15:49.695"	"SURBL: Execute"
"DEBUG"	2484	"2020-05-07 11:15:49.695"	"SURBL: Found URL: pinterest.com"
"DEBUG"	2484	"2020-05-07 11:15:49.711"	"SURBL: Found URL: w3.org"
"DEBUG"	2484	"2020-05-07 11:15:49.711"	"SURBL: Found URL: pinimg.com"
"DEBUG"	2484	"2020-05-07 11:15:49.711"	"SURBL: 3 unique addresses found."
"DEBUG"	2484	"2020-05-07 11:15:49.711"	"SURBL: Lookup: pinimg.com.multi.surbl.org"
"DEBUG"	2484	"2020-05-07 11:15:49.867"	"SURBL: Lookup: pinterest.com.multi.surbl.org"
"DEBUG"	2484	"2020-05-07 11:15:50.008"	"SURBL: Lookup: w3.org.multi.surbl.org"
"DEBUG"	2484	"2020-05-07 11:15:50.195"	"SURBL: Match not found"
"DEBUG"	2484	"2020-05-07 11:15:50.195"	"Spam test: SpamTestSURBL, Score: 0"
"DEBUG"	2484	"2020-05-07 11:15:50.242"	"DKIM: Message passed validation."
"DEBUG"	2484	"2020-05-07 11:15:50.242"	"Spam test: SpamTestDKIM, Score: 0"
"DEBUG"	2484	"2020-05-07 11:15:50.242"	"Total spam score: 0"
"DEBUG"	2484	"2020-05-07 11:15:50.242"	"Executing event OnAcceptMessage"
"DEBUG"	2484	"2020-05-07 11:15:50.242"	"Event completed"
"DEBUG"	2484	"2020-05-07 11:15:50.242"	"Saving message: {152B5F8E-DDDB-4F55-850F-799E94187AC6}.eml"
"DEBUG"	2484	"2020-05-07 11:15:50.242"	"Requesting SMTPDeliveryManager to start message delivery"
"SMTPD"	2484	7174	"2020-05-07 11:15:50.242"	"54.149.191.236"	"SENT: 250 Queued (0.768 seconds)"
"DEBUG"	3540	"2020-05-07 11:15:50.242"	"Adding task DeliveryTask to work queue SMTP delivery queue"
"DEBUG"	1904	"2020-05-07 11:15:50.242"	"Executing task DeliveryTask in work queue SMTP delivery queue"
"DEBUG"	1904	"2020-05-07 11:15:50.242"	"Delivering message..."
"APPLICATION"	1904	"2020-05-07 11:15:50.242"	"SMTPDeliverer - Message 12170004: Delivering message from bounces-508132907865363009@notifications.pinterest.com to ixxx@jxxxxxx.cxx. File: C:\Program Files\hMailServer\Data\{152B5F8E-DDDB-4F55-850F-799E94187AC6}.eml"
"DEBUG"	1904	"2020-05-07 11:15:50.258"	"Applying rules"
"DEBUG"	1904	"2020-05-07 11:15:50.258"	"Copying mail contents"
"DEBUG"	1904	"2020-05-07 11:15:50.258"	"Saving message: {B9A25180-D4A2-49DD-BFFB-940ECC6C6A2B}.eml"
"DEBUG"	1904	"2020-05-07 11:15:50.258"	"Requesting SMTPDeliveryManager to start message delivery"
"DEBUG"	1904	"2020-05-07 11:15:50.258"	"Performing local delivery"
"DEBUG"	3540	"2020-05-07 11:15:50.258"	"Adding task DeliveryTask to work queue SMTP delivery queue"
"DEBUG"	1356	"2020-05-07 11:15:50.273"	"Executing task DeliveryTask in work queue SMTP delivery queue"
"DEBUG"	1356	"2020-05-07 11:15:50.273"	"Delivering message..."
"APPLICATION"	1356	"2020-05-07 11:15:50.273"	"SMTPDeliverer - Message 12170005: Delivering message from bounces-508132907865363009@notifications.pinterest.com to mxxx@jxxxx.xxx. File: C:\Program Files\hMailServer\Data\{B9A25180-D4A2-49DD-BFFB-940ECC6C6A2B}.eml"
"DEBUG"	1356	"2020-05-07 11:15:50.273"	"Applying rules"
"DEBUG"	1356	"2020-05-07 11:15:50.273"	"Performing local delivery"
"DEBUG"	1356	"2020-05-07 11:15:50.273"	"Applying rules"
"DEBUG"	1356	"2020-05-07 11:15:50.273"	"Saving message: {B9A25180-D4A2-49DD-BFFB-940ECC6C6A2B}.eml"
"DEBUG"	1356	"2020-05-07 11:15:50.273"	"Local delivery completed"
"APPLICATION"	1356	"2020-05-07 11:15:50.273"	"SMTPDeliverer - Message 12170005: Message delivery thread completed."
"DEBUG"	1904	"2020-05-07 11:15:50.289"	"Applying rules"
"DEBUG"	1904	"2020-05-07 11:15:50.289"	"Applying rule xxx"
"DEBUG"	1904	"2020-05-07 11:15:50.289"	"Applying rule xxx"
"DEBUG"	1904	"2020-05-07 11:15:50.289"	"Saving message: {152B5F8E-DDDB-4F55-850F-799E94187AC6}.eml"
"DEBUG"	1904	"2020-05-07 11:15:50.351"	"Reading messages from database."
"DEBUG"	1904	"2020-05-07 11:15:50.367"	"Local delivery completed"
"APPLICATION"	1904	"2020-05-07 11:15:50.367"	"SMTPDeliverer - Message 12170004: Message delivery thread completed."
"SMTPD"	3232	7174	"2020-05-07 11:15:55.352"	"54.149.191.236"	"RECEIVED: QUIT"
"SMTPD"	3232	7174	"2020-05-07 11:15:55.352"	"54.149.191.236"	"SENT: 221 goodbye"
What exactly does the incoming relay section do - what is it used for? Apparently this is left over from the original installation and configuration many years and many versions ago..... Not sure why that was set.....

palinka
Senior user
Senior user
Posts: 4461
Joined: 2017-09-12 17:57

Re: Maybe Antispam DNS Blacklist not working

Post by palinka » 2020-05-07 20:06

HMailLover2015 wrote:
2020-05-07 17:21
What exactly does the incoming relay section do - what is it used for?
Trusted relay, so no spam checking. Would be used for example for another relay that accepts messages from an automated machine incapable of authentication. Or any other trusted source like a backup mx.

User avatar
SorenR
Senior user
Senior user
Posts: 6315
Joined: 2006-08-21 15:38
Location: Denmark

Re: Maybe Antispam DNS Blacklist not working

Post by SorenR » 2020-05-07 20:42

HMailLover2015 wrote:
2020-05-07 17:21
What exactly does the incoming relay section do - what is it used for? Apparently this is left over from the original installation and configuration many years and many versions ago..... Not sure why that was set.....
The technical explanation is... Every time an email is processed by a SMTP Server/Relay a "Received: ...." line is added to the email headers.
The normal SPAM checking procedure is to process the LAST "Received: ...." header as this is 99.999% the originating mailserver.
By adding a "trusted relay" you tell hMailServer to process the "Received: ...." header BEFORE the LAST.

A practical use is for example a Backup MX that will intercept emails if the main server is unavailable. When the connection to the main server is regained, emails will start to arrive. Since there is no point in SPAM checking the LAST "Received: ...." header as this is the Backup MX, the setting tells hMailServer that IF mail is from Backup MX please check the server BEFORE that.

In your case there would be NO server BEFORE the LAST so that is why your server did not SPAM check mails.
SørenR.

Woke is Marxism advancing through Maoist cultural revolution.

User avatar
jimimaseye
Moderator
Moderator
Posts: 10060
Joined: 2011-09-08 17:48

Re: Maybe Antispam DNS Blacklist not working

Post by jimimaseye » 2020-05-07 21:37

HMailLover2015 wrote:
2020-05-07 17:21
It has been removed and now I see entries in the log for spam checking
Thought it would. Good.
HMailLover2015 wrote:
2020-05-07 17:21
What exactly does the incoming relay section do - what is it used for? Apparently this is left over from the original installation and configuration many years and many versions ago.....
The answer was in the link to the documentation I posted. It explains it there.
5.7 on test.
SpamassassinForWindows 3.4.0 spamd service
AV: Clamwin + Clamd service + sanesecurity defs : https://www.hmailserver.com/forum/viewtopic.php?f=21&t=26829

Post Reply