1. Forum
  2. USENET
  3. news.admin.peering

  • omicronmedia.com/eweka rDNS issues

    From Marco Moock@mm@dorfdsl.de to news.admin.peering on Sat Oct 11 21:36:43 2025
    From Newsgroup: news.admin.peering

    Hello!

    I noticed the following:

    Okt 11 20:43:44 pi-dach sm-mta[496354]: 59BIhirk496354: ruleset=check_rcpt, arg1=<uk-legal-moderated@moderators.isc.org>, relay=[185.90.198.28], reject=550 5.7.1 <uk-legal-moderated@moderators.isc.org>... Fix reverse DNS for 185.90.198.28
    Okt 11 20:43:44 pi-dach sm-mta[496354]: 59BIhirk496354: from=<news-admin@admin.omicronmedia.com>, size=2738, class=0, nrcpts=0, bodytype=8BITMIME, proto=ESMTPS, daemon=MTA, relay=[185.90.198.28]


    The IP address is assigned to eweka according to the whois.

    Does anybody have a clue who is responsible here?
    --
    kind regards
    Marco

    Send spam to 1760211141muell@stinkedores.dorfdsl.de

    --- Synchronet 3.21a-Linux NewsLink 1.2
  • From Jesse Rehmer@jesse.rehmer@blueworldhosting.com to news.admin.peering on Sat Oct 11 22:08:15 2025
    From Newsgroup: news.admin.peering

    On Oct 11, 2025 at 2:36:43rC>PM CDT, "Marco Moock" <mm@dorfdsl.de> wrote:

    Hello!

    I noticed the following:

    Okt 11 20:43:44 pi-dach sm-mta[496354]: 59BIhirk496354: ruleset=check_rcpt, arg1=<uk-legal-moderated@moderators.isc.org>, relay=[185.90.198.28], reject=550 5.7.1 <uk-legal-moderated@moderators.isc.org>... Fix reverse DNS for 185.90.198.28
    Okt 11 20:43:44 pi-dach sm-mta[496354]: 59BIhirk496354: from=<news-admin@admin.omicronmedia.com>, size=2738, class=0, nrcpts=0, bodytype=8BITMIME, proto=ESMTPS, daemon=MTA, relay=[185.90.198.28]


    The IP address is assigned to eweka according to the whois.

    Does anybody have a clue who is responsible here?

    Why are you trying to relay through Omicron?

    % dig mx moderators.isc.org +short
    10 moderators.bofh.team.
    10 pi-dach.dorfdsl.de.
    10 moderators.individual.net.

    I assume you are the operator of pi-dach.dorfdsl.de? I won't claim to fully understand the moderation flow once mail leaves my server to a moderator address, but all of those servers should be able to properly handle delivery
    of anything @moderators.isc.org. Why your sm-mta is trying to relay through 185.90.198.28 does not make sense to me.
    --- Synchronet 3.21a-Linux NewsLink 1.2
  • From Richard Kettlewell@invalid@invalid.invalid to news.admin.peering on Sun Oct 12 10:18:13 2025
    From Newsgroup: news.admin.peering

    Jesse Rehmer <jesse.rehmer@blueworldhosting.com> writes:
    "Marco Moock" <mm@dorfdsl.de> wrote:
    Hello!

    I noticed the following:

    Okt 11 20:43:44 pi-dach sm-mta[496354]: 59BIhirk496354: ruleset=check_rcpt, >> arg1=<uk-legal-moderated@moderators.isc.org>, relay=[185.90.198.28],
    reject=550 5.7.1 <uk-legal-moderated@moderators.isc.org>... Fix reverse DNS >> for 185.90.198.28
    Okt 11 20:43:44 pi-dach sm-mta[496354]: 59BIhirk496354:
    from=<news-admin@admin.omicronmedia.com>, size=2738, class=0, nrcpts=0,
    bodytype=8BITMIME, proto=ESMTPS, daemon=MTA, relay=[185.90.198.28]


    The IP address is assigned to eweka according to the whois.

    Does anybody have a clue who is responsible here?

    Why are you trying to relay through Omicron?

    Other way round. 185.90.198.28 is attempting to send a mail with a
    sender of news-admin@admin.omicronmedia.com and a recipient of uk-legal-moderated@moderators.isc.org. 185.90.198.28 has no reverse DNS,
    so his Sendmail is rejecting it.

    The obvious solution is for 185.90.198.28 sort out their reverse DNS.

    Presumably 185.90.198.28 is somehow connected to omicronmedia.com.
    --
    https://www.greenend.org.uk/rjk/
    --- Synchronet 3.21a-Linux NewsLink 1.2
  • From Thomas Hochstein@thh@thh.name to news.admin.peering on Sun Oct 12 22:57:40 2025
    From Newsgroup: news.admin.peering

    Jesse Rehmer wrote:

    I won't claim to fully
    understand the moderation flow once mail leaves my server to a moderator address [...]

    The point here is that your server that is sending mail should be
    configured in a way that this mails reaches its recipients.

    The server at 185.90.198.28 (which seems to be trying to relay a posting
    to uk.legal.moderated to the moderation address) is not, as it misses a
    PTR DSN entry.

    -thh
    --- Synchronet 3.21a-Linux NewsLink 1.2
  • From Marco Moock@mm@dorfdsl.de to news.admin.peering on Fri Nov 7 21:43:44 2025
    From Newsgroup: news.admin.peering

    On 11.10.2025 21:36 Uhr Marco Moock wrote:

    Hello!

    I noticed the following:

    Okt 11 20:43:44 pi-dach sm-mta[496354]: 59BIhirk496354:
    ruleset=check_rcpt, arg1=<uk-legal-moderated@moderators.isc.org>, relay=[185.90.198.28], reject=550 5.7.1 <uk-legal-moderated@moderators.isc.org>... Fix reverse DNS for
    185.90.198.28 Okt 11 20:43:44 pi-dach sm-mta[496354]: 59BIhirk496354: from=<news-admin@admin.omicronmedia.com>, size=2738, class=0,
    nrcpts=0, bodytype=8BITMIME, proto=ESMTPS, daemon=MTA,
    relay=[185.90.198.28]


    The IP address is assigned to eweka according to the whois.

    Does anybody have a clue who is responsible here?

    Some update on this:
    I've now whitelisted this IP and thousands of crossposted bullshit
    posts with unprintable characters came in and stuck in my mqueue (the
    receiver rejected them temporarily).

    I've now removed the whitelisting and deleted all the crap.
    --
    kind regards
    Marco

    Send spam to 1760211403muell@stinkedores.dorfdsl.de

    --- Synchronet 3.21a-Linux NewsLink 1.2