<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">Ich hänge mal das Log an:<div class=""><br class=""></div><div class=""><div style="margin: 0px; font-stretch: normal; font-size: 14px; line-height: normal; font-family: Menlo; color: rgb(102, 255, 102); background-color: rgb(25, 25, 25);" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">May 2 11:26:14 smtp1 postfix/smtpd[25965]: connect from unknown[</span><span style="font-variant-ligatures: no-common-ligatures; color: #f79e96" class=""><b class="">199.122.127.224</b></span><span style="font-variant-ligatures: no-common-ligatures" class="">]</span></div><div style="margin: 0px; font-stretch: normal; font-size: 14px; line-height: normal; font-family: Menlo; color: rgb(102, 255, 102); background-color: rgb(25, 25, 25);" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">May 2 11:26:15 smtp1 postfix/smtpd[25965]: Anonymous TLS connection established from unknown[</span><span style="font-variant-ligatures: no-common-ligatures; color: #f79e96" class=""><b class="">199.122.127.224</b></span><span style="font-variant-ligatures: no-common-ligatures" class="">]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)</span></div><div style="margin: 0px; font-stretch: normal; font-size: 14px; line-height: normal; font-family: Menlo; color: rgb(102, 255, 102); background-color: rgb(25, 25, 25);" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">May 2 11:26:15 smtp1 postfix/smtpd[25965]: B34661048F: client=unknown[</span><span style="font-variant-ligatures: no-common-ligatures; color: #f79e96" class=""><b class="">199.122.127.224</b></span><span style="font-variant-ligatures: no-common-ligatures" class="">]</span></div><div style="margin: 0px; font-stretch: normal; font-size: 14px; line-height: normal; font-family: Menlo; color: rgb(102, 255, 102); background-color: rgb(25, 25, 25);" class=""><span style="font-variant-ligatures: no-common-ligatures;" class="">May 2 11:26:16 smtp1 postfix/smtpd[25965]: disconnect from unknown[</span><span style="font-variant-ligatures: no-common-ligatures; color: rgb(247, 158, 150);" class=""><b class="">199.122.127.224</b></span><span style="font-variant-ligatures: no-common-ligatures;" class="">] ehlo=2 starttls=1 mail=1 rcpt=1 data=1 quit=1 commands=7</span></div><div><br class=""></div><div>Das kann man auch ohne debug im rspamd erkennen! :-)</div><div><br class=""></div><div>Jetzt frage ich mich, warum postfix keine DNS-Auflösung macht, rspamd und der Rest des OS aber sehr wohl.</div><div><br class=""></div><div>Der smtpd läuft nicht im chroot, ich habe keine Idee mehr und sehe den Wald vor lauter Bäumen nicht. :-(</div><div><br class=""></div><div><br class=""></div><div>Viele Grüße! Frank</div><div><br class=""></div><div><br class=""></div><div><br class=""></div><div><br class=""></div><div><br class=""></div><div><br class=""></div><div><br class=""><blockquote type="cite" class=""><div class="">Am 30.04.2019 um 14:00 schrieb Carsten Rosenberg <<a href="mailto:cr@ncxs.de" class="">cr@ncxs.de</a>>:</div><br class="Apple-interchange-newline"><div class=""><div class="">Hallo Frank,<br class=""><br class="">HFILTER löst die IP nicht selbst auf sondern verläßt sich auf die Angabe<br class="">von Postfix, der das via Milter mitliefert.<br class=""><br class="">Wenn du bei debug_modules milter hinzu fügst, kannst du das genau<br class="">beobachten.<br class=""><br class="">Viele Grüße<br class=""><br class="">Carsten<br class=""><br class="">On 29.04.19 16:25, Frank Fiene wrote:<br class=""><blockquote type="cite" class="">Ich habe folgendes Problem, hier der Auszug aus dem Log (Ich habe den<br class="">Score für HFILTER_HOSTNAME_UNKNOWN auf 4,5 erhöht, nicht wundern):<br class=""><br class="">smtp3 rspamd[24840]: <7925f1>; proxy; rspamd_task_write_log: id:<br class=""><<a href="mailto:1454046738@vekauk.com" class="">1454046738@vekauk.com</a> <<a href="mailto:1454046738@vekauk.com" class="">mailto:1454046738@vekauk.com</a>>>, qid:<br class=""><302BF16B41>, ip: 213.246.110.84, from: <<a href="mailto:noreply@vekauk.com" class="">noreply@vekauk.com</a><br class=""><<a href="mailto:noreply@vekauk.com" class="">mailto:noreply@vekauk.com</a>>>, (default: T (add header): [11.18/12.00]<br class="">[HFILTER_HOSTNAME_UNKNOWN(4.50){},<br class=""><br class=""><br class="">Wenn ich jetzt auf den Mailgateways teste, wird der Host aber FcrDNS<br class="">aufgelöst:<br class=""><br class="">gauss:~ ffiene$ host 213.246.110.84<br class=""><a href="http://84.110.246.213.in" class="">84.110.246.213.in</a> <<a href="http://84.110.246.213.in" class="">http://84.110.246.213.in</a>>-addr.arpa domain name<br class="">pointer <a href="http://server6.thinkap.co.uk" class="">server6.thinkap.co.uk</a> <<a href="http://server6.thinkap.co.uk" class="">http://server6.thinkap.co.uk</a>>.<br class="">gauss:~ ffiene$ host <a href="http://server6.thinkap.co.uk" class="">server6.thinkap.co.uk</a> <<a href="http://server6.thinkap.co.uk" class="">http://server6.thinkap.co.uk</a>><br class=""><a href="http://server6.thinkap.co.uk" class="">server6.thinkap.co.uk</a> <<a href="http://server6.thinkap.co.uk" class="">http://server6.thinkap.co.uk</a>> has address<br class="">213.246.110.84<br class=""><br class="">Wie kommt es dann, dass das Modul überhaupt anschlägt?<br class=""><br class=""><br class="">Viele Grüße!<br class="">Frank<br class="">-- <br class="">Frank Fiene<br class="">IT-Security Manager VEKA Group<br class=""><br class="">Fon: +49 2526 29-6200<br class="">Fax: +49 2526 29-16-6200<br class="">mailto: <a href="mailto:ffiene@veka.com" class="">ffiene@veka.com</a> <<a href="mailto:ffiene@veka.com" class="">mailto:ffiene@veka.com</a>><br class=""><a href="http://www.veka.com" class="">http://www.veka.com</a><br class=""><br class="">PGP-ID: 62112A51<br class="">PGP-Fingerprint: 7E12 D61B 40F0 212D 5A55 765D 2A3B B29B 6211 2A51<br class="">Threema: VZK5NDWW<br class=""><br class="">VEKA AG<br class="">Dieselstr. 8<br class="">48324 Sendenhorst<br class="">Deutschland/Germany<br class=""><br class="">Vorstand/Executive Board: Andreas Hartleif (Vorsitzender/CEO),<br class="">Dr. Andreas W. Hillebrand, Bonifatius Eichwald, Elke Hartleif, Dr.<br class="">Werner Schuler,<br class="">Vorsitzender des Aufsichtsrates/Chairman of Supervisory Board: Ulrich Weimer<br class="">HRB 8282 AG Münster/District Court of Münster<br class=""><br class=""></blockquote></div></div></blockquote></div><br class=""><div class="">
<div dir="auto" style="color: rgb(0, 0, 0); letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class=""><div style="color: rgb(0, 0, 0); letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class=""><div style="color: rgb(0, 0, 0); letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class=""><div style="color: rgb(0, 0, 0); letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class=""><div style="color: rgb(0, 0, 0); letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class=""><div style="color: rgb(0, 0, 0); letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class=""><div style="color: rgb(0, 0, 0); font-family: Helvetica; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-variant-east-asian: normal; font-variant-position: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class=""><div style="color: rgb(0, 0, 0); font-family: Helvetica; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-variant-east-asian: normal; font-variant-position: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">Viele Grüße!<br class="">i.A. Frank Fiene<br class="">-- <br class="">Frank Fiene</div><div style="color: rgb(0, 0, 0); font-family: Helvetica; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-variant-east-asian: normal; font-variant-position: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">IT-Security Manager VEKA Group</div><div style="color: rgb(0, 0, 0); font-family: Helvetica; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-variant-east-asian: normal; font-variant-position: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class=""><br class="">Fon: +49 2526 29-6200<br class="">Fax: +49 2526 29-16-6200<br class="">mailto: <a href="mailto:ffiene@veka.com" class="">ffiene@veka.com</a><br class=""><a href="http://www.veka.com" class="">http://www.veka.com</a><br class=""><br class=""></div><div style="color: rgb(0, 0, 0); font-family: Helvetica; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-variant-east-asian: normal; font-variant-position: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">PGP-ID: 62112A51<br class="">PGP-Fingerprint: 7E12 D61B 40F0 212D 5A55 765D 2A3B B29B 6211 2A51</div><div style="color: rgb(0, 0, 0); font-family: Helvetica; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-variant-east-asian: normal; font-variant-position: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">Threema: VZK5NDWW<br class=""><br class="">VEKA AG<br class="">Dieselstr. 8<br class="">48324 Sendenhorst<br class="">Deutschland/Germany<br class=""><br class="">Vorstand/Executive Board: Andreas Hartleif (Vorsitzender/CEO),<br class="">Dr. Andreas W. Hillebrand, Bonifatius Eichwald, Elke Hartleif, Dr. Werner Schuler,<br class="">Vorsitzender des Aufsichtsrates/Chairman of Supervisory Board: Ulrich Weimer<br class="">HRB 8282 AG Münster/District Court of Münster</div></div></div></div></div></div></div></div>
</div>
<br class=""></div></body></html>