[prev in list] [next in list] [prev in thread] [next in thread]
List: dshield
Subject: [Dshield] list server behaviour - got disconnected.... :(
From: "Michael Schoen" <michael () schoen-hahn ! de>
Date: 2007-01-25 17:53:27
Message-ID: 000601c740a9$b759e100$040a0a0a () ds9 ! ddns ! anduras ! de
[Download RAW message or body]
Hi,
I have troubles getting this list over here in Germany..
See attached logs from one of my host below; I admit I have updated my MX
entry and switched Mid December mail servers for my email. But AFAIK DNS
values are correct.
So MX for schoen-hahn.de points to mail.schoen-hahn.de and that one to
81.169.155.159 which is now way the host I see my logs.
Before actually allowing stinger1.sans.org to relay two questions
(1) What are you guys doing here? Seems there is some weird DNS
behaviour
(2) Did I do any misconfiguration?
Best regards
Michael
P.S.
Replying directly off the list would probably be useful ;)
---------------------------------
Yesterday is history,
Tomorrow is a mystery
but Today is a gift.
That's why they call it present..
---------------------------------
goethe:/var/log # dig schoen-hahn.de mx
; <<>> DiG 9.3.2 <<>> schoen-hahn.de mx
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21883
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;schoen-hahn.de. IN MX
;; ANSWER SECTION:
schoen-hahn.de. 1284 IN MX 10 mail.schoen-hahn.de.
and mail.schoen-hahn.de points to
goethe:/var/log # dig mail.schoen-hahn.de a
; <<>> DiG 9.3.2 <<>> mail.schoen-hahn.de a
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16590
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;mail.schoen-hahn.de. IN A
;; ANSWER SECTION:
mail.schoen-hahn.de. 1230 IN A 81.169.155.159
goethe:/var/log # tac syslog | grep reject | more
Jan 25 17:39:59 goethe postfix/smtpd[29361]: reject: RCPT from
stinger1.sans.org[65.173.218.117]: 454 <michael@schoen-hahn.de>: rejected:
Relay access denied.
; from=<webcast@sans.org> to=<michael@schoen-hahn.de>
Jan 25 17:13:09 goethe postfix/smtpd[28700]: reject: RCPT from
stinger1.sans.org[65.173.218.117]: 454 <michael@schoen-hahn.de>: rejected:
Relay access denied.
; from=<newsbites@sans.org> to=<michael@schoen-hahn.de>
Jan 25 17:07:05 goethe postfix/smtpd[28694]: reject: RCPT from
iceman12-int.giac.net[65.173.218.115]: 454 <michael@schoen-hahn.de>:
rejected: Relay access den
ied.; from=<list-bounces@lists.dshield.org> to=<michael@schoen-hahn.de>
Jan 25 16:09:23 goethe postfix/smtpd[27470]: reject: RCPT from
59-112-85-43.dynamic.hinet.net[59.112.85.43]: 454 <candy59839@yahoo.com.tw>:
rejected: Relay ac
cess denied.; from=<michael78694@MyMainServer.com>
to=<candy59839@yahoo.com.tw>
Jan 25 15:59:38 goethe postfix/smtpd[27269]: reject: RCPT from
stinger1.sans.org[65.173.218.117]: 454 <michael@schoen-hahn.de>: rejected:
Relay access denied.
; from=<sans@sans.org> to=<michael@schoen-hahn.de>
Jan 25 15:59:04 goethe postfix/smtpd[27263]: reject: RCPT from
stinger1.sans.org[65.173.218.117]: 454 <michael@schoen-hahn.de>: rejected:
Relay access denied.
; from=<newsbites@sans.org> to=<michael@schoen-hahn.de>
Jan 25 14:46:57 goethe postfix/smtpd[25843]: reject: RCPT from
iceman12-int.giac.net[65.173.218.115]: 454 <michael@schoen-hahn.de>:
rejected: Relay access den
ied.; from=<mrroboto@isc.sans.org> to=<michael@schoen-hahn.de>
Jan 25 14:28:04 goethe postfix/smtpd[25448]: reject: RCPT from
stinger1.sans.org[65.173.218.117]: 454 <michael@schoen-hahn.de>: rejected:
Relay access denied.
; from=<sans@sans.org> to=<michael@schoen-hahn.de>
Jan 25 14:19:18 goethe postfix/smtpd[25248]: reject: RCPT from
stinger1.sans.org[65.173.218.117]: 454 <michael@schoen-hahn.de>: rejected:
Relay access denied.
; from=<newsbites@sans.org> to=<michael@schoen-hahn.de>
Jan 25 13:27:06 goethe postfix/smtpd[24265]: reject: RCPT from
iceman12-int.giac.net[65.173.218.115]: 454 <michael@schoen-hahn.de>:
rejected: Relay access den
ied.; from=<list-bounces@lists.dshield.org> to=<michael@schoen-hahn.de>
Jan 25 12:58:31 goethe postfix/smtpd[23664]: reject: RCPT from
stinger1.sans.org[65.173.218.117]: 454 <michael@schoen-hahn.de>: rejected:
Relay access denied.
; from=<newsbites@sans.org> to=<michael@schoen-hahn.de>
Jan 25 12:57:13 goethe postfix/smtpd[23655]: reject: RCPT from
stinger1.sans.org[65.173.218.117]: 454 <michael@schoen-hahn.de>: rejected:
Relay access denied.
; from=<sans@sans.org> to=<michael@schoen-hahn.de>
Jan 25 11:50:29 goethe postfix/smtpd[22268]: reject: RCPT from
stinger1.sans.org[65.173.218.117]: 454 <michael@schoen-hahn.de>: rejected:
Relay access denied.
; from=<webcast@sans.org> to=<michael@schoen-hahn.de>
Jan 25 11:26:36 goethe postfix/smtpd[21811]: reject: RCPT from
stinger1.sans.org[65.173.218.117]: 454 <michael@schoen-hahn.de>: rejected:
Relay access denied.
; from=<sans@sans.org> to=<michael@schoen-hahn.de>
Jan 25 10:55:29 goethe postfix/smtpd[21154]: reject: RCPT from
stinger1.sans.org[65.173.218.117]: 454 <michael@schoen-hahn.de>: rejected:
Relay access denied.
; from=<newsbites@sans.org> to=<michael@schoen-hahn.de>
Jan 25 10:00:25 goethe postfix/smtpd[19983]: reject: RCPT from
iceman12-int.giac.net[65.173.218.115]: 454 <michael@schoen-hahn.de>:
rejected: Relay access den
ied.; from=<list-bounces@lists.dshield.org> to=<michael@schoen-hahn.de>
_________________________________________
SANS 2007 March 29 - April 6 in San Diego, CA offers 52 Courses
taught by our top rated instructors plus a huge vendor tools expo.
Register Today! http://www.sans.org/info/2501 (BROCHURECODE: ISC)
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic