Month: September 2018

Several issues solved and coming
There were – all of a sudden – some issues with mailing to sites that check sender’s validity using SPF. As it turned out, my ISP added a mailserver-farmr to act as envelope-server fort my domain – and that caused problems: These servers were (of course) not known to be valid senders for grootersnet.nl, so any receipt was rejected. Cheking sending mail to my gmail address, it seemed it was the case fior a linger period:
ARC-Authentication-Results: i=1; mx.google.com;
spf=fail (google.com: domain of xxxxxx@grootersnet.nl does not designate (ISP server address) as permitted sender) smtp.mailfrom=xxxxxx@grootersnet.nl
It took a few minutes, but now it reads:
ARC-Authentication-Results: i=1; mx.google.com;
spf=pass (google.com: domain of xxxxxx@grootersnet.nl designates(ISP swerver address) as permitted sender) smtp.mailfrom=xxxxxx@grootersnet.nl
and the sites that refused mail before, now accept it.

another issue I ran into last month: IPTV configuration (from my ISP) has changed and that means some facilities are no longer available. To set things straight, I need to change the router configuration. using information passed by the helpdesk, for setting up a Draytek router. But info handles setup for another type (28xx in stead of 29xxx) and another ISP – which proves a bigger problem: The addresses used in that example don’t work – obviously. and the configuration assumes the home LAN is a 192.168.1.0 netwerk – where mine is 192.168.0.0. It menas setting up another route fo the network, where source address is required Usege of VLANs makes it a bit more cumbersome – and given the future plans: To do all IPTV traffic using the same VLAN as ‘normal’ internet makes it easier to adapt the network. So I have to reconfigure all hardware that have a fixed address to listen to 192.168.1.0, (if possible to 192.168.0.0 for the time being); DNS and DHCP (and mail!) must be changed as well. For DHCP and DNS, it might be a good idea to change the zone as well (grootersnet.local? of have both set up;. No matter what, it is not complicated but it will take quite some time and planning.

The usual
It’s all as it has been for months:
PMAS statistics for August
Total messages  :  2790 = 100.0 o/o
DNS Blacklisted  :   0 =  .0 o/o (Files: 0)
Relay attempts  :  441 = 15.8 o/o (Files: 31)
Accepted by PMAS :  2349 = 84.1 o/o (Files: 31)
 Handled by explicit rule
     Rejected :  1823 = 77.6 o/o (processed), 65.3 o/o (all)
     Accepted :  110 =  4.6 o/o (processed),  3.9 o/o (all)
 Handled by content
    Discarded :  246 = 10.4 o/o (processed),  8.8 o/o (all)
   Quarantained :  156 =  6.6 o/o (processed),  5.5 o/o (all)
    Delivered :   14 =  .5 o/o (processed),  .5 o/o (all)

The only thing not yet covered is what has been the result of enabling SPF-checking. There are quite a few sites that are now marked as “none” in the log files, some as “pass” – given the domain, I wouldn’t expect otherwise. one or two (on first look) as “Softfail”. Most of the “none” – meaning: no SPF record found – are bogus domains, but I found some unexpected results in this category, like gmail.com, and some Ducth governmental sites. softfail was yahoo.jp. Pass were all to be expected.
So simply rejecting mail where no SPF record exists is NOT an option – yet. One question to ask Google 🙂

On relay attempts – just two days over 100:

 8-AUG-2018 12:03:24.93 to 12:06:49.46 from 142.11.195.134 (192)

22-AUG-2018 17:35:39.69 to 17:42:03.13& from 23.254.215.89 (187)

as usual using a bogus grooternet.nl user from an outside address (again: owned by Hostwinds.com), and trying to mail to 1029mandaditos@gmail.com using my server. When will this person learn he won’t succeed ????

Content update
I (finally) made a start in processing the data (images and tracks) from ourt journey to Madeira, last April – in anticipation of another set of images and track from last weeks (Austria and Switzerland). Aside the work to be done on the operational application using MQTT…