[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Blacklisting (postfix rbl) - recent issue with blackhole.securitysage.com

On Fri, Mar 16, 2007 at 01:56:14AM +0100, Robert Hensel wrote:
> >>>Mar 14 11:01:03 hostname postfix/smtpd[28035]: NOQUEUE: reject: RCPT 
> >>>      
> >>>from hostname[ip]: 554 5.7.1 Service unavailable; Client host 
> >>    
> >>>[hostname] blocked using blackhole.securitysage.com; 
> >>>from=<address@addresss.com> to=<address@address.com> proto=ESMTP 
> >>>helo=<hostname>
> >>>      
> >
> >It is quite useless to paste (sections of) logfiles, while munging most
> >of it. I could have come up with this line myself. The most important
> >part has been munged as well: the connecting IP address which has been
> >checked against the blackhole.securitysage.com rbl.
> >  
> Since it is clearly an issue that is not related to a specific host, 
> since multiple systems (inbound and servers) had the same problem I do 
> not find it usefull or necessary to disclose that information. Also see 
> the email below I received from securitysage (can also be found on the 
> wiki link):

of course the client IP is essential information - how else are we, who
you have asked for help, to check whether it IS actually listed in any

munging the recipient address is OK, that is privacy-sensitive
information, but revealing the client IP a) doesn't infringe anyone's
privacy (because it doesn't identify an individual) and b) is essential
for diagnostic purposes.


craig sanders <cas@taz.net.au>

BOFH excuse #187: Reformatting Page. Wait...

Reply to: