• wcsap filtering and alias/translations

    From DAVE GOURD@1:124/5013 to All on Thu Jan 31 19:18:36 2019
    Date: Tue, 11 Apr 2006 18:00:59 -0400
    From: DAVE GOURD
    To: All
    Subject: wcsap filtering and alias/translations
    Newsgroups: win.server.smtp.&.avs
    Message-ID: <1144792859.46.0@winserver.com>
    X-Mailer: Wildcat! Interactive Net Server v7.0.454.5
    Lines: 87

    Has anyone had problems with wcsap and translated/alias email addresses?

    I have been seeing at least one of my aliased/translated email accounts getting rejected on a few occasions.

    Most recently the rejection came from an inquiry to M$ regarding mail from our domain not getting delivered to hotmail accounts, but a reply was evidently rejected (not good since I accused them of blocking our domain :(


    **from wcsmtp trace:**
    Wildcat! SMTP Server v6.1.451.6
    SMTP log started at Tue, 11 Apr 2006 14:12:59
    Connection Time: 20060411 14:12:59 cid: 000000E2
    SSL Enabled: NO
    Client IP: 131.107.70.16 (mail3.mssupport.microsoft.com)
    14:12:59 S: 220-foxriver.net Wildcat! ESMTP Server v6.1.451.6 ready
    14:12:59 S: 220-************** WARNING: FOR AUTHORIZED USE ONLY! **********************
    14:12:59 S: 220-* THIS SYSTEM DO NOT AUTHORIZE THE USE OF ITS PROPRIETARY COMPUTERS *
    14:12:59 S: 220-* AND COMPUTER NETWORKS TO ACCEPT, TRANSMIT, OR DISTRIBUTE UNSOLICITED *
    14:12:59 S: 220-* BULK E-MAIL SENT FROM THE INTERNET. THIS SYSTEM WILL RESTRICT ACCESS *
    14:12:59 S: 220-* TO CAN-SPAM (US S. 877) COMPLIANT CLIENTS ONLY. *
    14:12:59 S: 220 ************************************************************************
    14:12:59 C: EHLO mail3.mssupport.microsoft.com
    14:12:59 S: 250-foxriver.net, Hello mail3.mssupport.microsoft.com, pleased to meet you.
    14:12:59 S: 250-SUBMITTER
    14:12:59 S: 250-ETRN
    14:12:59 S: 250-AUTH CRAM-MD5 LOGIN PLAIN PLAIN-MD5 SHA-1
    14:12:59 S: 250-AUTH=LOGIN
    14:12:59 S: 250 HELP
    14:12:59 C: MAIL FROM:<bugreporter@css.one.microsoft.com>
    14:12:59 S: 250 <bugreporter@css.one.microsoft.com>... Sender validation pending. Continue.
    14:12:59 C: RCPT TO:<~alias-account-here~@foxriver.net>
    14:13:07 ** WCX Process: wcsap ret: 552 (Rejected by WCSAP CBV)
    14:13:07 S: 550 Return Path not verifiable.
    14:13:07 C: RSET
    14:13:07 S: 250 Reset State
    14:13:07 C: QUIT
    14:13:07 S: 221 closing connection
    14:13:08 ** Completed


    **from wcsap**
    20060411 14:12:59 000000e2 -------------------------------------
    20060411 14:12:59 000000e2 version : 2.06 / 1.62
    20060411 14:12:59 000000e2 calltype : SMTP
    20060411 14:12:59 000000e2 state : rcpt
    20060411 14:12:59 000000e2 cip : 131.107.70.16
    20060411 14:12:59 000000e2 cdn : mail3.mssupport.microsoft.com
    20060411 14:12:59 000000e2 from : bugreporter@css.one.microsoft.com
    20060411 14:12:59 000000e2 hdn : mail3.mssupport.microsoft.com
    20060411 14:12:59 000000e2 rcpt : ~alias-account-here~@foxriver.net
    20060411 14:12:59 000000e2 ruid : 265
    20060411 14:13:00 000000e2 sapfilter : pass (time:579)
    20060411 14:13:01 000000e2 saprbl : pass (time:484)
    20060411 14:13:01 000000e2 sapspf : none (time:141)
    20060411 14:13:01 000000e2 sapcep : none (time:281)
    20060411 14:13:01 000000e2 sapcbv : total mx records: 5
    20060411 14:13:01 000000e2 try mx : maila.microsoft.com ip: 131.107.1.6
    20060411 14:13:01 000000e2 # connecting to 131.107.1.6
    20060411 14:13:01 000000e2 S: 220 IGT-IMC-01.redmond.corp.microsoft.com Microsoft ESMTP MAIL Service <Inbound SMTP Virtual Server> Tue, 11 Apr 2006 12:13:07 -0700
    20060411 14:13:01 000000e2 C: NOOP WCSAP v2.06 Wildcat! Sender Authentication Protocol http://www.santronics.com
    20060411 14:13:01 000000e2 S: 250 2.0.0 OK
    20060411 14:13:01 000000e2 C: HELO [foxriver.net]
    20060411 14:13:07 000000e2 S: 501 5.5.4 Invalid Address
    20060411 14:13:07 000000e2 sapcbv : 501
    20060411 14:13:07 000000e2 result : reject (0)
    20060411 14:13:07 000000e2 smtp code : 552
    20060411 14:13:07 000000e2 wcsap finish (7547 msecs)


    Any ideas?


    --- Platinum Xpress/Win/WINServer v3.1
    * Origin: Prison Board BBS Mesquite Tx //telnet.RDFIG.NET www. (1:124/5013)
  • From HECTOR SANTOS@1:124/5013 to All on Thu Jan 31 19:18:36 2019
    Date: Tue, 11 Apr 2006 19:15:13 -0400
    From: HECTOR SANTOS
    To: DAVE GOURD
    Subject: Re: wcsap filtering and alias/translations
    Newsgroups: win.server.smtp.&.avs
    Message-ID: <1144797423.46.1144792859@winserver.com>
    References: <1144792859.46.0@winserver.com>
    X-WcMsg-Attr: Rcvd
    X-Mailer: Wildcat! Interactive Net Server v7.0.454.5
    Lines: 69

    <DAVE GOURD> wrote in message news:1144792859.46.0@winserver.com...

    Has anyone had problems with wcsap and translated/alias
    email addresses?

    Dave,

    There is no relationship with WCSAP and your aliased/translated email
    accounts. WCSAP checks the sender address. Not your address.

    I have been seeing at least one of my aliased/translated email accounts getting rejected on a few occasions.

    How? It is accepted here:

    14:12:59 C: MAIL FROM:<bugreporter@css.one.microsoft.com>
    14:12:59 S: 250 <bugreporter@css.one.microsoft.com>...
    Sender validation pending. Continue.
    14:12:59 C: RCPT TO:<~alias-account-here~@foxriver.net>
    14:13:07 ** WCX Process: wcsap ret: 552 (Rejected by WCSAP CBV)
    14:13:07 S: 550 Return Path not verifiable.

    RCPT TO: must pass first before bothering to try calling WCSAP to validate
    the sender. WCSMTP waits to see if RCPT TO: is ok for efficiency reasons.
    If it was bad, it would not call WCSAP and you would see a different
    message:

    55x User Not found

    Most recently the rejection came from an inquiry to M$ regarding mail from our domain not getting delivered to hotmail accounts, but a reply was evidently rejected (not good since I accused them of blocking our domain
    :(

    20060411 14:13:01 000000e2 C: HELO [foxriver.net]
    20060411 14:13:07 000000e2 S: 501 5.5.4 Invalid Address
    20060411 14:13:07 000000e2 sapcbv : 501
    20060411 14:13:07 000000e2 result : reject (0)
    20060411 14:13:07 000000e2 smtp code : 552
    20060411 14:13:07 000000e2 wcsap finish (7547 msecs)

    The problem is the HELO line.

    Remove your change in WCSAP for SAPHOST.

    Put it back to:

    SapHost [serverdomain] <<-- MACRO for your domain

    or put your domain without the brackets:

    Saphost foxriver.net

    or put it with brackets and your address:

    SapHost [12.134.134.98]

    But using the default will automatically set it for you.


    Hope this helps

    --
    Hector




    --- Platinum Xpress/Win/WINServer v3.1
    * Origin: Prison Board BBS Mesquite Tx //telnet.RDFIG.NET www. (1:124/5013)
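The difference between the SapHost forms discussed above, as an added example that is not part of the original posts and is not WCSAP code: a bracketed HELO argument is an address literal and must contain an IP address, which is why `HELO [foxriver.net]` drew `501 5.5.4 Invalid Address`. The function name, the treatment of a bare IP as invalid, and the two-label minimum for a domain are assumptions of this sketch.

```python
import ipaddress
import re

# One DNS label: letters, digits, hyphens; no leading or trailing hyphen.
LABEL = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?$")

def classify_saphost(value, macros=("serverdomain",)):
    """Classify a SapHost value by what it becomes as a HELO argument.

    Returns 'macro', 'domain', 'address-literal' or 'invalid'.
    """
    value = value.strip()
    if value.startswith("[") and value.endswith("]"):
        inner = value[1:-1]
        if inner.lower() in macros:
            return "macro"              # placeholder the thread calls a MACRO
        try:
            if inner.lower().startswith("ipv6:"):
                ipaddress.IPv6Address(inner[5:])
            else:
                ipaddress.IPv4Address(inner)
            return "address-literal"    # e.g. [12.134.134.98]
        except ValueError:
            return "invalid"            # e.g. [foxriver.net]: brackets need an IP
    try:
        ipaddress.ip_address(value)
        return "invalid"                # bare IP: treated here as needing brackets
    except ValueError:
        pass
    labels = value.rstrip(".").split(".")
    # Assumption: a mail host name is fully qualified (at least two labels).
    if 0 < len(value) <= 255 and len(labels) >= 2 and all(LABEL.match(l) for l in labels):
        return "domain"                 # e.g. foxriver.net
    return "invalid"

# The four forms that appear in the thread.
THREAD_VALUES = ["[serverdomain]", "foxriver.net", "[12.134.134.98]", "[foxriver.net]"]

def audit(values=THREAD_VALUES):
    """Return {value: classification} for a list of SapHost candidates."""
    return {v: classify_saphost(v) for v in values}

if __name__ == "__main__":
    for value, kind in audit().items():
        print(f"SapHost {value:<18} -> {kind}")
```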
  • From DAVE GOURD@1:124/5013 to All on Thu Jan 31 19:18:36 2019
    Date: Wed, 12 Apr 2006 01:30:12 -0400
    From: DAVE GOURD
    To: HECTOR SANTOS
    Subject: Re: wcsap filtering and alias/translations
    Newsgroups: win.server.smtp.&.avs
    Message-ID: <1144819812.46.1144797423@winserver.com>
    References: <1144797423.46.1144792859@winserver.com>
    X-WcMsg-Attr: Rcvd
    X-Mailer: Wildcat! Interactive Net Server v7.0.454.5
    Lines: 130

    On 4/11/06 7:15 PM, HECTOR SANTOS wrote to DAVE GOURD:

    <DAVE GOURD> wrote in message
    news:1144792859.46.0@winserver.com...

    Has anyone had problems with wcsap and translated/alias
    email addresses?

    Dave,

    There is no relationship with WCSAP and your aliased/translated email accounts. WCSAP checks the sender address. Not your address.

    I have been seeing at least one of my aliased/translated email accounts getting rejected on a few occasions.

    How? It is accepted here:

    14:12:59 C: MAIL FROM:<bugreporter@css.one.microsoft.com>
    14:12:59 S: 250 <bugreporter@css.one.microsoft.com>...
    Sender validation pending. Continue.
    14:12:59 C: RCPT TO:<~alias-account-here~@foxriver.net>
    14:13:07 ** WCX Process: wcsap ret: 552 (Rejected by WCSAP CBV)
    14:13:07 S: 550 Return Path not verifiable.

    I understand that wcsap testing doesn't proceed if the user doesn't exist. I should have worded the inquiry differently. The message was NOT rec'd here, I [choke] assumed we (foxriver.net) were rejected/denied by M$, but didn't understand why. At first I thought we rejected <bugreporter@css.one.microsoft.com> as a bad return path, but it didn't make sense at all.

    I really don't understand why it's all been working for so long now, perhaps just the circumstances with the particular aliased addy and M$/hotmail. I've been going over my log archives, I found at least 3 other similar problems with the same alias only going back as far as January 8 2006 - all in sessions with hotmail and/or microsoft - they must be more strict than the majority of mail servers on the net. That aliased addy has absolutely no problem via yahoo mail or another outside mail server we use.

    I'm trying to fine tune things here - we fell victim to a joe job/spoofing; literally hundreds of thousands of false bounces over the past 2 weeks now. Had to redo our spf.txt record, not even certain if it's totally correct yet, but taking troubleshooting one thing at a time. I'd like to get my hands on the goof that did that to us!


    RCPT TO: must pass first before bothering to try calling WCSAP to validate the sender. WCSMTP waits to see if RCPT TO: is ok for efficiency reasons. If it was bad, it would not call WCSAP and you would see a different message:

    55x User Not found

    Most recently the rejection came from an inquiry to M$ regarding mail from our domain not getting delivered to hotmail accounts, but a reply was evidently rejected (not good since I accused them of blocking our domain :(

    20060411 14:13:01 000000e2 C: HELO [foxriver.net]
    20060411 14:13:07 000000e2 S: 501 5.5.4 Invalid Address
    20060411 14:13:07 000000e2 sapcbv : 501
    20060411 14:13:07 000000e2 result : reject (0)
    20060411 14:13:07 000000e2 smtp code : 552
    20060411 14:13:07 000000e2 wcsap finish (7547 msecs)

    The problem is the HELO line.

    Remove your change in WCSAP for SAPHOST.

    Put it back to:

    SapHost [serverdomain] <<-- MACRO for your domain

    or put your domain without the brackets:

    Saphost foxriver.net

    or put it with brackets and your address:

    SapHost [12.134.134.98]

    But using the default will automatically set it for you.


    Hope this helps

    I'll take your word for it, I remember making the change but that's been that way since wcsap was released for our use, at least pre- ver 2.

    I simply modified the wcsap.ini's install default from:
    SapHost [serverdomain] ; ** USE YOUR WCSMTP MX DOMAIN! **
    to:
    SapHost [foxriver.net] ; ** USE YOUR WCSMTP MX DOMAIN! **
    and now it's back to:
    SapHost [serverdomain] ; ** USE YOUR WCSMTP MX DOMAIN! **

    - just substituted foxriver.net for the serverdomain. I should've known better as long as I've been in this. Domain/ip pairs are normally seen as domain name [x.x.x.x], just didn't ring the bells I suppose.

    Maybe for future reference in case someone with less experience (or dummies like me who miss the forest cause the trees were in the way), the remark might indicate the difference between the two.

    Anyway, I changed the ini file setting to the macro [serverdomain] (with the brackets).

    Is it possible this setting is why I am not getting outbound mail to hotmail accounts?

    Anyhow, Thanks for the explanation, we'll see how it works (I'm sure it will), have really been glad to have the wcsap. Between wcsap and firewalling smtp traffic with most of APNIC and a great deal of RIPE allocations, our incoming spam is down to less than 2% right now!

    --
    Dave


    --
    Hector







    --- Platinum Xpress/Win/WINServer v3.1
    * Origin: Prison Board BBS Mesquite Tx //telnet.RDFIG.NET www. (1:124/5013)
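For going back through log archives as described above, an added example (not from the original posts and not WCSAP code) that separates callback rejections caused by the local HELO being refused from those where the sender address itself was refused. The first sample session copies lines quoted in the thread; the second is constructed in the same layout, and the assumption that later callback stages are logged as `C:`/`S:` pairs is not confirmed by the thread.

```python
import re

# Layout seen in the thread: YYYYMMDD HH:MM:SS <8-hex connection id> <text>
LINE = re.compile(r"^\s*(\d{8}) (\d\d:\d\d:\d\d) ([0-9a-fA-F]{8}) (.*)$")

# Session 000000e2 is quoted from the thread; 000000e3 is constructed.
SAMPLE = """\
20060411 14:13:01 000000e2 C: NOOP WCSAP v2.06
20060411 14:13:01 000000e2 S: 250 2.0.0 OK
20060411 14:13:01 000000e2 C: HELO [foxriver.net]
20060411 14:13:07 000000e2 S: 501 5.5.4 Invalid Address
20060411 14:13:07 000000e2 sapcbv : 501
20060411 14:13:07 000000e2 result : reject (0)
20060411 15:02:10 000000e3 C: HELO foxriver.net
20060411 15:02:10 000000e3 S: 250 OK
20060411 15:02:10 000000e3 C: MAIL FROM:<>
20060411 15:02:10 000000e3 S: 250 OK
20060411 15:02:11 000000e3 C: RCPT TO:<nobody@example.invalid>
20060411 15:02:11 000000e3 S: 550 5.1.1 User unknown
20060411 15:02:11 000000e3 result : reject (0)
"""

def triage(log_text):
    """Map connection id -> (verdict, callback command that drew the 5xx)."""
    last_cmd, failed_cmd, verdicts = {}, {}, {}
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue                      # wrapped continuation lines are skipped
        cid, text = m.group(3).lower(), m.group(4)
        if text.startswith("C: "):
            last_cmd[cid] = text[3:]
        elif text.startswith("S: ") and text[3:4] == "5" and cid not in failed_cmd:
            failed_cmd[cid] = last_cmd.get(cid, "")   # first 5xx reply wins
        elif text.startswith("result") and "reject" in text:
            cmd = failed_cmd.get(cid, "")
            verb = cmd.split(" ", 1)[0].upper()
            if verb in ("HELO", "EHLO"):
                # Remote MX refused our greeting: a local configuration fault.
                verdicts[cid] = ("local-helo-rejected", cmd)
            elif verb in ("MAIL", "RCPT"):
                verdicts[cid] = ("sender-not-verifiable", cmd)
            else:
                verdicts[cid] = ("other", cmd)
    return verdicts

if __name__ == "__main__":
    for cid, (verdict, cmd) in triage(SAMPLE).items():
        print(cid, verdict, "|", cmd)
```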
  • From DAVE GOURD@1:124/5013 to All on Thu Jan 31 19:18:36 2019
    Date: Wed, 12 Apr 2006 10:32:43 -0400
    From: DAVE GOURD
    To: DAVE GOURD
    Subject: Re: wcsap filtering and alias/translations
    Newsgroups: win.server.smtp.&.avs
    Message-ID: <1144852363.46.1144819812@winserver.com>
    References: <1144819812.46.1144797423@winserver.com>
    X-WcMsg-Attr: Rcvd
    X-Mailer: Wildcat! Interactive Net Server v7.0.454.5
    Lines: 169

    Just a followup...

    FWIW - I don't think this settings change had any impact, but overnight since making the change in wcsap.ini to saphost, the false bouncing we have been experiencing has fallen off drastically. Inbound smtp traffic still pretty high, but 'Rejected Recipient Address' entries are less than 50% when compared with 7-hour (midnight to 7am local) sample periods from the previous 7 days.

    Maybe the spammers are regrouping? ;)




    --- Platinum Xpress/Win/WINServer v3.1
    * Origin: Prison Board BBS Mesquite Tx //telnet.RDFIG.NET www. (1:124/5013)