RE: [vps-mail] User unknown bounces to invalid sender and return to lacal postmaster

["Martin Fischer" <martin.fischer@xxxxxxxxxxxxx>]

Hi, 

how to stop/avoid/block  550 5.1.1 bounces?

example: 

The original message was received at Fri, 16 Jan 2004 21:30:21 +0100 (CET)
from rbry-ip-nas-1-p417.telkom-ipnet.co.za [155.239.111.161]

   ----- The following addresses had permanent fatal errors -----
<xlv@xxxxxxxxxxxxx>
    (reason: 550 5.1.1 <xlv@xxxxxxxxxxxxx>... User unknown)

   ----- Transcript of session follows -----
... while talking to atvirtual.net.:
>>> DATA
<<< 550 5.1.1 <xlv@xxxxxxxxxxxxx>... User unknown
550 5.1.1 <xlv@xxxxxxxxxxxxx>... User unknown
<<< 503 5.0.0 Need RCPT (recipient)



The original message was received at Fri, 16 Jan 2004 21:56:55 +0100 (CET)
from localhost
with id i0GKrlTa087680

   ----- The following addresses had permanent fatal errors -----
<imdfz0z45z@xxxxxxxxxxx>
    (reason: 550 Requested action not taken: mailbox unavailable)

   ----- Transcript of session follows -----
... while talking to mx1.hotmail.com.:
>>> DATA
<<< 550 Requested action not taken: mailbox unavailable
550 5.1.1 <imdfz0z45z@xxxxxxxxxxx>... User unknown
<<< 503 Need Rcpt command.

 

-----Original Message-----
From: owner-vps-mail@xxxxxxxxxxxx [mailto:owner-vps-mail@xxxxxxxxxxxx] On Behalf Of Harrison Hind
Sent: Monday, December 01, 2003 5:00 PM
To: vps-mail@xxxxxxxxxxxx
Subject: Re: [vps-mail] Question re syntax for hosts.allow file

Abigail,
  I notice that you are only blocking port 25.  On VPS1, sendmail answers 
ports 25, 5190, and 587.  Perhaps some connections are coming through the 
alternate ports?  Change your hosts.allow to read:

smtp aol submission : 207.164.7.0/24 : deny

(the word names for the port numbers are in /etc/services)

Good Luck,
Harrison.


On Sun, Nov 30, 2003 at 09:09:11PM -0800, Abigail Marshall wrote:
> WW> Abigail Marshall wrote:
> 
> >>If I want to block an entire Class C of IP addresses as opposed to
> >>individual IP's in the hosts.allow file, what is the correct syntax?
> >>
> >>smtp : 207.164.7.0/24 : deny
> >>  
> >>
> WW> The above probably works on VPS1 (where sendmail is started by iservd 
> WW> for each incoming e-mail message).
> 
> Thanks, I do have a VPS1, and it turns out that this does
> NOT work. (I don't know why - I just know that when I coded
> it that way and tested, it did not stop activity from the
> specified IP).
> 
> >>or
> >>
> >>smtp : 207.164.7. : deny
> >>
> >>  
> >>
> 
> This DOES work - again on a VPS1.
> 
> WW> You could also accomplish the same (i.e., block a class C network) in 
> WW> access.db, with a line that begins something like:
> 
> I am using hosts.allow specifically to try to stop hackers
> who are attempting to relay spam through my server. I find these
> hackers because I see messages generated that say "Relaying
> denied. Proper authentication required." I've found that the
> tcpwrap (again on VPS1) is less resource-intensive - also I
> am hoping that if the hackers keep getting the "refused
> connection" message rather than a sendmail message, they'll
> give up trying sooner.
> 
> I do know how to block class C networks via access.db,
> though I really wish I could use netmask notation (0/32,
> 0/24, 0/23) etc. as once you figure out what it all means,
> it is much more powerful.  But I don't think that works in
> access.db.
> 
> -Abigail
> 
> ======================================================================
> This is <vps-mail@xxxxxxxxxxxx>       <http://www.perlcode.org/lists/>
> ======================================================================
======================================================================
This is <vps-mail@xxxxxxxxxxxx>       <http://www.perlcode.org/lists/>
======================================================================


======================================================================
This is <vps-mail@xxxxxxxxxxxx>       <http://www.perlcode.org/lists/>
Before posting a question, please search the archives (see above URL).