We newly installed Spam Filter ISP with great success.

Thanks!

A mail is filteret out to be spam, which is not spam:

- Invalid MX record -

Sender: mailto:sales@support.objectplanet.com - sales@support.objectplanet.com

Recipient: mailto:kieke@ptg.dk - kieke@ptg.dk

 

MX record look up in http://www.mxtoolbox.com/ - http://www.mxtoolbox.com/  conclude that the MX record obviously is OK.

Can anybody help??

 

04/11/08 10:24:13:343 -- (1116) Connection from: 88.87.43.136  -  Originating country : Norway
04/11/08 10:24:13:437 -- (1116) Received MAIL FROM: < mailto:sales@support.objectplanet.com - sales@support.objectplanet.com >
04/11/08 10:24:13:468 -- (1116) Received RCPT TO: mailto:kieke@ptg.dk - kieke@ptg.dk
04/11/08 10:24:13:468 -- (3128) Received RCPT TO: mailto:armando@tvind.dk - armando@tvind.dk
04/11/08 10:24:13:562 -- (4488) Received MAIL FROM: < mailto:barrerayb5@baldonimoto.com - barrerayb5@baldonimoto.com >
04/11/08 10:24:13:609 -- (1116) Resolving 88.87.43.136 - support.objectplanet.com
04/11/08 10:24:13:656 -- (3128) Resolving 77.74.226.162 - Not found
04/11/08 10:24:13:656 -- (3128) - Reverse DNS not found -
04/11/08 10:24:13:656 -- (3128) 77.74.226.162 - Mail from: mailto:donpratt@wlimproducts.com - donpratt@wlimproducts.com To: mailto:armando@tvind.dk - armando@tvind.dk will be rejected
04/11/08 10:24:13:812 -- (1116) - Invalid MX record -
04/11/08 10:24:13:812 -- (1116) 88.87.43.136 - Mail from: mailto:sales@support.objectplanet.com - sales@support.objectplanet.com To: mailto:kieke@ptg.dk - kieke@ptg.dk will be rejected
04/11/08 10:24:14:015 -- (1116) Starting quarantine procedures
04/11/08 10:24:14:015 -- (3044) Adding to Quarantine file:QrtFA1.tmp
04/11/08 10:24:14:015 -- (1116) Created thread (3044) to add email to quarantine
04/11/08 10:24:14:015 -- (1116) Starting bayesian procedures
04/11/08 10:24:14:046 -- (3044) EMail from mailto:sales@support.objectplanet.com - sales@support.objectplanet.com to mailto:kieke@ptg.dk - kieke@ptg.dk was received and quarantined. Size: 1 KB, 1024 bytes
04/11/08 10:24:14:062 -- (4560) Time to add Msg to Bayes corpus:0
04/11/08 10:24:14:609 -- (4488) Received RCPT TO: mailto:anders@christianshede.dk - anders@christianshede.dk
04/11/08 10:24:14:671 -- (4488) Resolving 85.104.12.108 - dsl85-104-3180.ttnet.net.tr
04/11/08 10:24:14:812 -- (4508) Received MAIL FROM: < mailto:vyylanr@bookchase.com - vyylanr@bookchase.com >
04/11/08 10:24:15:187 -- (1116) Blacklist cache - Added 88.87.43.136 to limbo
04/11/08 10:24:15:187 -- (1116) Disconnect

 

Regards

Asger

 

 

Thanks a log for quick reply.

I looked up the MX record in http://www.mxtoolbox.com/ - http://www.mxtoolbox.com/

support.objectplanet.com gave result: No MX record

objectplanet.com gave result:

ns1.domaindiscover.com report the following MX records:

Preference: 10, Host Name: support.objectplanet.com, IP: 88.87.43.136, TTL: 3600.

They have a feature "Test e-mail" server, which ESMTP Sendmail gives result Good, OK.

 

It is a mail from a company - used for reply to e-commerce...

 

My questions:

Can I configure my Spamfilter to overcome this sort of error?

Do you know if this faulty configuring of MX record is widespread?

 

I have another example here, also from a company in e-commerce...

Not spam...

See case no. 4752

 

04/08/08 12:32:21:218 -- (4752) Received MAIL FROM: < mailto:apache@rhdk2.gpserver.dk - apache@rhdk2.gpserver.dk >
04/08/08 12:32:21:218 -- (5088) Received RCPT TO: mailto:andrea@drh-holsted.org - andrea@drh-holsted.org
04/08/08 12:32:21:218 -- (5088) Mail from: mailto:AngelakilgoreGalvan@old-versions.net - AngelakilgoreGalvan@old-versions.net
04/08/08 12:32:21:218 -- (5088) 88.245.228.2 - Mail from: mailto:AngelakilgoreGalvan@old-versions.net - AngelakilgoreGalvan@old-versions.net To: mailto:andrea@drh-holsted.org - andrea@drh-holsted.org will be rejected
04/08/08 12:32:21:234 -- (4752) Received RCPT TO: mailto:kieke@ptg.dk - kieke@ptg.dk
04/08/08 12:32:21:265 -- (4752) Resolving 195.41.114.68 - tdc1-68.gpserver.com
04/08/08 12:32:21:265 -- (4752) - Invalid MX record -
04/08/08 12:32:21:265 -- (4752) 195.41.114.68 - Mail from: mailto:apache@rhdk2.gpserver.dk - apache@rhdk2.gpserver.dk To: mailto:kieke@ptg.dk - kieke@ptg.dk will be rejected
04/08/08 12:32:21:265 -- (3884) Received RCPT TO: mailto:sandra@drh-holsted.org - sandra@drh-holsted.org
04/08/08 12:32:21:265 -- (3884) Mail from: mailto:VirginiarigorousPearce@michaelbuble.com - VirginiarigorousPearce@michaelbuble.com
04/08/08 12:32:21:265 -- (3884) 88.245.228.2 - Mail from: mailto:VirginiarigorousPearce@michaelbuble.com - VirginiarigorousPearce@michaelbuble.com To: mailto:sandra@drh-holsted.org - sandra@drh-holsted.org will be rejected
04/08/08 12:32:21:312 -- (4752) Starting quarantine procedures
04/08/08 12:32:21:312 -- (4752) Created thread (4880) to add email to quarantine
04/08/08 12:32:21:312 -- (4752) Starting bayesian procedures

 

Regards

*Asger

 

In the case of:

04/08/08 12:32:21:265 -- (4752) 195.41.114.68 - Mail from: mailto:apache@rhdk2.gpserver.dk - apache@rhdk2.gpserver.dk To: mailto:kieke@ptg.dk - kieke@ptg.dk will be rejected
This is even worse.  the address " mailto:apache@rhdk2.gpserver.dk - apache@rhdk2.gpserver.dk " is not an address that can be delivered to as there is no mail server there at all.  This is what the "MX" record test is supposed to test for ... no valid return path.

Thank you - I really appreciate you answers.

I fully understand the problem.

BUT what do I do as administrator on my mailserver...

My custumors do not get some mails because other operators not complying to RFC guidelines/rules.

Is the only solution to take contact to these operaters and try to make them do things correctly.

 

Thanks a lot!

Asger

 

My experience tells me that you will not have much sucess contacting the other admins though you can try.  Try removing the "no MX" test from spamfilter and see how it impacts your spam quantity.

Yes - I can try "no MX" test, and monitor the amount of spam.

Thanks for you help!

 

Asger

 

Depending on how your network is setup.

in my instance, mailspam looks to my DNS server on my 2003 server, my 2003 server then forwards requests to the ISP DNS if it cannot resolve. so in this issue, i could simply create an MX record for the badly configured one's.

This is not a *great* solution as it will only work as long as the sender's MX does not alter.

As has been said the admins at the senders end are bad operators and should not be doing the job that they are. but trying to get some idiot somewhere to change there practice is near on impossible.

So creating an MX for them on your own in house servers is a way around this, and probably better than turning off the filter alltogether.

 

Good Luck.