SpamAssassin, HMS and RDNS_NONE

Use this forum if you have installed hMailServer and want to ask a question related to a production release of hMailServer. Before posting, please read the troubleshooting guide. A large part of all reported issues are already described in detail here.
Post Reply
amokkaths
New user
New user
Posts: 15
Joined: 2012-04-19 22:20

SpamAssassin, HMS and RDNS_NONE

Post by amokkaths » 2012-04-20 10:56

Hello! I installed latest beta HMS and spamassassin from JAMsoftware. Every message SA scans it claims RDNS_NONE rule was triggered. This is true, because HMS writes "Received" header in format, which SA can not parse and does not perform reverse DNS lookup.
HMS writes:
Received: from exapmle.com ([123.45.67.8])
where example.com is not even rDNS, it is HELO.
Spamassassin has couple of nice rules, based on rDNS, which can not work, because HMS is too lazy to perform rDNS lookup and write it to Received header.
What can be done to resolve this issue? From ther other side, may be someone know how to force SA to perform rDNS lookup by itself?
Thanks for any ideas.

^DooM^
Site Admin
Posts: 13861
Joined: 2005-07-29 16:18
Location: UK

Re: SpamAssassin, HMS and RDNS_NONE

Post by ^DooM^ » 2012-04-20 13:22

Actually it does set the rdns in the header
Received: from smtp-vbr11.xs4all.nl (smtp-vbr11.xs4all.nl [194.109.24.31])
by mail.mydomain.com
Perhaps your DNS server is faulty.
If at first you don't succeed, bomb disposal probably isn't for you! ヅ

amokkaths
New user
New user
Posts: 15
Joined: 2012-04-19 22:20

Re: SpamAssassin, HMS and RDNS_NONE

Post by amokkaths » 2012-04-20 13:32

^DooM^, what can be faulty? My server uses 8.8.8.8, "nslookup" works great. DNSBL works too. But in Received headers HMS writes name which remote HELO provided, not real PTR of remote host.
I am using 5.4-B1931. What version are you using?

For example: HMS Log:

Code: Select all

"SMTPD"    5612    6023    "2012-04-20 00:48:00.738"    "89.149.254.252"    "SENT: 220 mail.....ua ESMTP"
"SMTPD"    4408    6023    "2012-04-20 00:48:00.785"    "89.149.254.252"    "RECEIVED: EHLO socot.com.ua"
"SMTPD"    4408    6023    "2012-04-20 00:48:00.785"    "89.149.254.252"    "SENT: 250-mail......ua[nl]250-SIZE 102400000[nl]250 AUTH LOGIN"
"SMTPD"    3268    6023    "2012-04-20 00:48:00.832"    "89.149.254.252"    "RECEIVED: MAIL FROM:<info@socot.com.ua> SIZE=125230"
"SMTPD"    3268    0    "2012-04-20 00:48:00.863"    "TCP"    "DNS lookup: 252.254.149.89.dul.ru, 0 addresses found: (none), Match: False"
"SMTPD"    3268    0    "2012-04-20 00:48:00.972"    "TCP"    "DNS lookup: 252.254.149.89.db.rurbl.ru, 0 addresses found: (none), Match: False"
"SMTPD"    3268    6023    "2012-04-20 00:48:00.972"    "89.149.254.252"    "SENT: 250 OK"
"SMTPD"    1884    6023    "2012-04-20 00:48:01.019"    "89.149.254.252"    "RECEIVED: RCPT TO:<.....@......ua>"
"SMTPD"    1884    0    "2012-04-20 00:48:01.050"    "TCP"    "DNS - MX Lookup: socot.com.ua"
"SMTPD"    1884    0    "2012-04-20 00:48:01.097"    "TCP"    "DNS - MX Result: 2 IP addresses were found."
"SMTPD"    1884    6023    "2012-04-20 00:48:01.112"    "89.149.254.252"    "SENT: 250 OK" 
Received headers:

Code: Select all

Received: from socot.com.ua ([89.149.254.252]) by mail.......ua ; Fri, 20 Apr 2012 01:00:12 +0300
Received: from gmail.com (sh2171.evanzo-server.de [87.238.192.171]) by socot.com.ua (Postfix) with ESMTP id CEE5F13C4A5F; Fri, 20 Apr 2012 02:24:03 +0200 (CEST) 

nslookup 89.149.254.252 gives me "hosted-by.leaseweb.com"

^DooM^
Site Admin
Posts: 13861
Joined: 2005-07-29 16:18
Location: UK

Re: SpamAssassin, HMS and RDNS_NONE

Post by ^DooM^ » 2012-04-20 15:20

I'm using latest experimental from Bill in this thread http://www.hmailserver.com/forum/viewto ... 10&t=21420 hmailbin-5.4-B2012022101.7z
If at first you don't succeed, bomb disposal probably isn't for you! ヅ

amokkaths
New user
New user
Posts: 15
Joined: 2012-04-19 22:20

Re: SpamAssassin, HMS and RDNS_NONE

Post by amokkaths » 2012-04-20 15:23

Oh thank you! This is just what I searched for :)
From changelog:
* FIX: rolaids0 updates to how hmail formats headers to fix SA "RDNS_NONE Delivered to internal network by a host with no rDNS" issues & perhaps others. Before: HELO ([ip]) After: HELO (PTR [ip]) Example Received: from bay0-omc2-s11.bay0.hotmail.com ([65.54.190.86]) becomes Received: from bay0-omc2-s11.bay0.hotmail.com (bay0-omc2-s11.bay0.hotmail.com [65.54.190.86]) (I realize it looks redundant but normally they SHOULD match but having both values allows SA to do tests properly.
Will install and try, thanks again for pointing.

^DooM^
Site Admin
Posts: 13861
Joined: 2005-07-29 16:18
Location: UK

Re: SpamAssassin, HMS and RDNS_NONE

Post by ^DooM^ » 2012-04-20 15:25

ok backup first and read Bills instructions 3 times.

You don't install these experimentals :)
If at first you don't succeed, bomb disposal probably isn't for you! ヅ

Post Reply