對方信件是否DNS Black List封鎖?

js-av 發表於 2008-9-24 11:27:14

系統環境如下：
1. 作業系統：2003 Standard Server 2. 是否安防毒軟體：Symantec Antivirus 3. 是否安裝防火牆：Netscreen 10gt Firewall 
4. 自行架設 DNS 5. 使用ADSL 固接制（固定 IP） 6. 是否使用 IP 分享器或路由器：防火牆內建NAT 7. MDaemon、AntiVirus 版本：MDaemon PRO v9.6.6，並沒有使用它的AntiVirus ----------------------------------------------------------------------------------------------------------------------------------------------------------------
大陸分公司的mis同仁表示：最近常遭到退信，所以我看了一下smtp(in).log
以下有幾點疑問（紅色標示處），還請各位先進給小弟指點迷津，謝謝！！
 
---------------------------------------------------------------------------------------------------------------------------------------------------------------- Tue 2008-09-23 15:19:46: Session 1017; child 1; thread 3580 Tue 2008-09-23 15:19:40: Accepting SMTP connection from Tue 2008-09-23 15:19:40: Performing PTR lookup (236.4.13.121.IN-ADDR.ARPA) Tue 2008-09-23 15:19:40: *  D=236.4.13.121.IN-ADDR.ARPA TTL=(1440) PTR=[236.4.13.121.broad.dg.gd.dynamic.163data.com.cn] ---->該如何解釋這行呢？ Tue 2008-09-23 15:19:40: *  Gathering A records... Tue 2008-09-23 15:19:40: ---- End PTR results Tue 2008-09-23 15:19:40: --> 220 mail.youngyak.com ESMTP MDaemon 9.6.6; Tue, 23 Sep 2008 15:19:40 +0800 Tue 2008-09-23 15:19:40: <-- HELO jiachen.kmip.net　---->這裏指的應該是對方的mail Server名稱?
Tue 2008-09-23 15:19:40: Performing IP lookup (jiachen.kmip.net) Tue 2008-09-23 15:19:41: *  D=jiachen.kmip.net TTL=(1) A=[121.13.4.236]     ---->這裏的IP指的應該是對方mail Server的IP?
Tue 2008-09-23 15:19:41: ---- End IP lookup results Tue 2008-09-23 15:19:41: --> 250 mail.youngyak.com Hello 236.4.13.121.broad.dg.gd.dynamic.163data.com.cn, pleased to meet you Tue 2008-09-23 15:19:41: <-- MAIL FROM: <<A href="mailto:[email protected]">[email protected]</A>> Tue 2008-09-23 15:19:41: Performing IP lookup (jiachen.kmip.net) Tue 2008-09-23 15:19:41: *  D=jiachen.kmip.net TTL=(1) A= Tue 2008-09-23 15:19:41: ---- End IP lookup results Tue 2008-09-23 15:19:41: Performing SPF lookup (jiachen.kmip.net / 121.13.4.236) Tue 2008-09-23 15:19:45: *  Result: none; no SPF record in DNS Tue 2008-09-23 15:19:45: ---- End SPF results Tue 2008-09-23 15:19:45: --> 250 <<A href="mailto:[email protected]">[email protected]</A>>, Sender ok Tue 2008-09-23 15:19:45: <-- RCPT TO: <<A href="mailto:[email protected]">[email protected]</A>> Tue 2008-09-23 15:19:45: Performing DNS-BL lookup (121.13.4.236 - connecting IP)     ---->MDaemon v9.6.6在DNS Black List 的預設值（圖一）
Tue 2008-09-23 15:19:45: *  zen.spamhaus.org - failed                                      ---->這裏的failed是指：連不到該網站嗎？ Tue 2008-09-23 15:19:46: *  cblless.anti-spam.org.cn - failed　　　　　　   ---->同上 Tue 2008-09-23 15:19:46: ---- End DNS-BL results Tue 2008-09-23 15:19:46: --> 550 121.13.4.236 listed at spamhaus, see <A href="http://www.spamhaus.org/">http://www.spamhaus.org</A>       ---->為什麼上面出現了failed，而這裏卻又告知121.13.4.236被列在它的spamhaus裏？ Tue 2008-09-23 15:19:46: SMTP session terminated (Bytes in/out: 89/280) Tue 2008-09-23 15:19:46: ---------- Tue 2008-09-23 15:19:53: Session 1018; child 1; thread 1040 Tue 2008-09-23 15:19:47: Accepting SMTP connection from Tue 2008-09-23 15:19:47: Performing PTR lookup (236.4.13.121.IN-ADDR.ARPA) Tue 2008-09-23 15:19:47: *  D=236.4.13.121.IN-ADDR.ARPA TTL=(1402) PTR= Tue 2008-09-23 15:19:47: *  Gathering A records... Tue 2008-09-23 15:19:51: ---- End PTR results Tue 2008-09-23 15:19:51: --> 220 mail.youngyak.com ESMTP MDaemon 9.6.6; Tue, 23 Sep 2008 15:19:51 +0800 Tue 2008-09-23 15:19:51: <-- HELO jiachen.kmip.net Tue 2008-09-23 15:19:51: Performing IP lookup (jiachen.kmip.net) Tue 2008-09-23 15:19:51: *  D=jiachen.kmip.net TTL=(1) A= Tue 2008-09-23 15:19:51: ---- End IP lookup results Tue 2008-09-23 15:19:51: --> 250 mail.youngyak.com Hello 236.4.13.121.broad.dg.gd.dynamic.163data.com.cn, pleased to meet you Tue 2008-09-23 15:19:51: <-- MAIL FROM: <<A href="mailto:[email protected]">[email protected]</A>> Tue 2008-09-23 15:19:51: Performing IP lookup (jiachen.kmip.net) Tue 2008-09-23 15:19:52: *  D=jiachen.kmip.net TTL=(1) A= Tue 2008-09-23 15:19:52: ---- End IP lookup results Tue 2008-09-23 15:19:52: Performing SPF lookup (jiachen.kmip.net / 121.13.4.236) Tue 2008-09-23 15:19:52: *  Result: none; no SPF record in DNS Tue 2008-09-23 15:19:52: ---- End SPF results Tue 2008-09-23 15:19:52: --> 250 <<A href="mailto:[email protected]">[email protected]</A>>, Sender ok Tue 2008-09-23 15:19:52: <-- RCPT TO: <<A href="mailto:[email protected]">[email protected]</A>> Tue 2008-09-23 15:19:52: Performing DNS-BL lookup (121.13.4.236 - connecting IP) Tue 2008-09-23 15:19:53: *  zen.spamhaus.org - failed Tue 2008-09-23 15:19:53: *  cblless.anti-spam.org.cn - failed Tue 2008-09-23 15:19:53: ---- End DNS-BL results Tue 2008-09-23 15:19:53: --> 550 121.13.4.236 listed at spamhaus, see <A href="http://www.spamhaus.org/">http://www.spamhaus.org</A> Tue 2008-09-23 15:19:53: SMTP session terminated (Bytes in/out: 96/280) Tue 2008-09-23 15:19:53: ---------- ---------------------------------------------------------------------------------------------------------------------------------------------------------------- 圖一
<IMG src="http://i129.photobucket.com/albums/p226/johnson784069/23-01.jpg" border=0>
 
圖二　　為了解決這個問題，我將大陸分公司寄件者加入到DNS Black List 項中的 White List 中，這樣對嗎？
<IMG src="http://i129.photobucket.com/albums/p226/johnson784069/23-02.jpg" border=0>

[ 本文最後由 js-av 於 2008-9-24 01:25 PM 編輯 ]

MarchFun 發表於 2008-9-24 15:35:48

zen.spamhaus.org - failed
 
failed 表示未通過檢查，也就是說該寄信的主機，其 IP 名列黑名單中。整封信無法成功寄送的原因也就在此。
 
既然對方是你們的分公司，直接將 IP 加入 Trust IP 中可以免除許多麻煩。

js-av 發表於 2008-9-24 16:01:00

感謝MarchFun的回答！
 
但是目前大陸分公司是採用動態IP來連網（非固定IP）
這又該怎麼解決呢?
 
（１）是不是想辦法把分公司的人，都加入到白名單才可以？又要在哪裏加入呢？

[ 本文最後由 js-av 於 2008-9-24 04:02 PM 編輯 ]

MarchFun 發表於 2008-9-24 22:45:43

無法固定 IP 的話，那就加入 Trust Host

js-av 發表於 2008-9-26 10:14:15

小弟是初學者，很感謝MarchFun　大大的回答！
 
把完整的圖po上來，讓有興趣的人做個筆記
這樣子做應該沒錯吧？！
 
 
（１）Security  --->  Relay / Trusts / Tarpit.....
<IMG src="http://i129.photobucket.com/albums/p226/johnson784069/bb1.jpg" border=0>
 
 
（２）Trusted Hosts頁 ---> 將寄件者的Domain Name加入（奇怪！我從這裏都加不進去，所以我改用WebAdmin去加，如下圖三）
<IMG src="http://i129.photobucket.com/albums/p226/johnson784069/bb2.jpg" border=0>
 
 
（３）左邊選擇”中轉／信任／阻止”---> 信任主機頁 ----> 在”信任域”中輸入寄件者的Domain Name後按「添加」鈕。完成！
<IMG src="http://i129.photobucket.com/albums/p226/johnson784069/bb3.jpg" border=0>

[ 本文最後由 js-av 於 2008-9-26 10:20 AM 編輯 ]

頁: [1]

數碼中文坊's Archiver

對方信件是否DNS Black List封鎖?