1. Forum
  2. Usenet
  3. COMP.MAIL.SENDMAIL

  • can it be that dnsbl lookups are ignored under some conditions?

    From None@21:1/5 to All on Sun Sep 17 15:57:24 2023
    While having this configuration

    FEATURE(`enhdnsbl', `zen.spamhaus.org', `"554 Rejected " $&{client_addr}
    " zen.spamhaus.org"', `t', `127.0.0.3.',`127.0.0.4.')dnl


    I still got this in the logs

    Sep 17 15:45:09 sendmail[125009]: STARTTLS=server, relay=122-151-202-217.sta.wbroadband.net.au [122.151.202.217],
    version=TLSv1.2, verify=NO, cipher=ECDHE-RSA-AES256-GCM-SHA384, bits=256/256 Sep 17 15:45:17 sendmail[125009]: 38HDj8TH125009: AUTH failure (LOGIN): authentication failure (-13) SASL(-13): authentication failure:
    checkpass failed, user=xxxxxxxx,
    relay=122-151-202-217.sta.wbroadband.net.au [122.151.202.217]
    Sep 17 15:45:18 sendmail[125009]: 38HDj8TH125009: 122-151-202-217.sta.wbroadband.net.au [122.151.202.217] did not issue MAIL/EXPN/VRFY/ETRN during connection to TLSMTA

    At first I thought maybe zen.spamhaus.org was not returning anything
    because of some error, but when doing a tcpdump on this mail server I
    saw a dns request/answer at 15:45:08.

    Maybe this is some trick using timeouts or so?


    [@ scripts]# dig +short 217.202.151.122.zen.spamhaus.org
    127.0.0.3
    127.0.0.10
    127.0.0.4

    sendmail-8.16.1-10.el9.x86_64

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From None@21:1/5 to All on Mon Sep 18 17:57:45 2023

    While having this configuration

    FEATURE(`enhdnsbl', `zen.spamhaus.org', `"554 Rejected " $&{client_addr}
    " zen.spamhaus.org"', `t', `127.0.0.3.',`127.0.0.4.')dnl


    I still got this in the logs

    Sep 17 15:45:09  sendmail[125009]: STARTTLS=server, relay=122-151-202-217.sta.wbroadband.net.au [122.151.202.217], version=TLSv1.2, verify=NO, cipher=ECDHE-RSA-AES256-GCM-SHA384,
    bits=256/256
    Sep 17 15:45:17  sendmail[125009]: 38HDj8TH125009: AUTH failure (LOGIN): authentication failure (-13) SASL(-13): authentication failure:
    checkpass failed, user=xxxxxxxx,
    relay=122-151-202-217.sta.wbroadband.net.au [122.151.202.217]
    Sep 17 15:45:18  sendmail[125009]: 38HDj8TH125009: 122-151-202-217.sta.wbroadband.net.au [122.151.202.217] did not issue MAIL/EXPN/VRFY/ETRN during connection to TLSMTA

    At first I thought maybe zen.spamhaus.org was not returning anything
    because of some error, but when doing a tcpdump on this mail server I
    saw a dns request/answer at 15:45:08.

    Maybe this is some trick using timeouts or so?


    Any ideas what is going on? Should I start changing timeouts?

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Claus =?iso-8859-1?Q?A=DFmann?= @21:1/5 to None on Mon Sep 18 14:20:37 2023
    None wrote:

    FEATURE(`enhdnsbl', `zen.spamhaus.org', `"554 Rejected " $&{client_addr}
    " zen.spamhaus.org"', `t', `127.0.0.3.',`127.0.0.4.')dnl

    Any ideas what is going on? Should I start changing timeouts?

    Do you use FEATURE(delay_checks)?

    --
    Note: please read the netiquette before posting. I will almost never
    reply to top-postings which include a full copy of the previous
    article(s) at the end because it's annoying, shows that the poster
    is too lazy to trim his article, and it's wasting the time of all readers.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From None@21:1/5 to All on Mon Sep 18 20:56:17 2023

    FEATURE(`enhdnsbl', `zen.spamhaus.org', `"554 Rejected " $&{client_addr} >>> " zen.spamhaus.org"', `t', `127.0.0.3.',`127.0.0.4.')dnl

    Any ideas what is going on? Should I start changing timeouts?

    Do you use FEATURE(delay_checks)?


    no that is commented out

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Claus =?iso-8859-1?Q?A=DFmann?= @21:1/5 to None on Mon Sep 18 15:20:17 2023
    None wrote:

    Do you use FEATURE(delay_checks)?

    no that is commented out

    How?
    Please quote the entry from your mc file and
    and show the output of
    grep '^Scheck_' YOUR.cf.file


    --
    Note: please read the netiquette before posting. I will almost never
    reply to top-postings which include a full copy of the previous
    article(s) at the end because it's annoying, shows that the poster
    is too lazy to trim his article, and it's wasting the time of all readers.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From None@21:1/5 to All on Mon Sep 18 21:59:54 2023

    Do you use FEATURE(delay_checks)?

    no that is commented out

    How?
    Please quote the entry from your mc file and
    and show the output of
    grep '^Scheck_' YOUR.cf.file


    [@mail]# cat sendmail.mc | grep 'delay'

    dnl FEATURE(delay_checks)dnl
    dnl FEATURE(`ratecontrol', `nodelay',`terminate')dnl
    dnl FEATURE(`conncontrol', `nodelay',`terminate')dnl



    [@mail]# grep '^Scheck_' sendmail.cf
    Scheck_relay
    Scheck_mail
    Scheck_rcpt

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From None@21:1/5 to All on Mon Sep 18 23:29:37 2023


    Do you use FEATURE(delay_checks)?

    no that is commented out

    How?
    Please quote the entry from your mc file and
    and show the output of
    grep '^Scheck_' YOUR.cf.file


    [@mail]# cat sendmail.mc | grep  'delay'

    dnl FEATURE(delay_checks)dnl
    dnl FEATURE(`ratecontrol', `nodelay',`terminate')dnl
    dnl FEATURE(`conncontrol', `nodelay',`terminate')dnl



    [@mail]# grep '^Scheck_' sendmail.cf
    Scheck_relay
    Scheck_mail
    Scheck_rcpt


    Currently I have 12% of the AUTH request getting through, if this
    connect can be fixed, this will drop to 7%.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Claus =?iso-8859-1?Q?A=DFmann?= @21:1/5 to None on Tue Sep 19 06:46:58 2023
    None wrote:

    FEATURE(`enhdnsbl', `zen.spamhaus.org', `"554 Rejected " $&{client_addr}
    " zen.spamhaus.org"', `t', `127.0.0.3.',`127.0.0.4.')dnl

    Sep 17 15:45:09 sendmail[125009]: STARTTLS=server, relay=122-151-202-217.sta.wbroadband.net.au [122.151.202.217],

    Does the blocking work sometimes, never, ... ?
    Some "libraries" mess around with DNS lookups and return bogus
    results in case of timeouts etc - do you have one of those
    systems (systemd and "weird" lookup mechanisms)?

    At first I thought maybe zen.spamhaus.org was not returning anything
    because of some error, but when doing a tcpdump on this mail server I
    saw a dns request/answer at 15:45:08.

    That could have been the lookup of the hostname for the client IP
    done by sendmail.


    --
    Note: please read the netiquette before posting. I will almost never
    reply to top-postings which include a full copy of the previous
    article(s) at the end because it's annoying, shows that the poster
    is too lazy to trim his article, and it's wasting the time of all readers.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From None@21:1/5 to All on Tue Sep 19 14:09:51 2023

    FEATURE(`enhdnsbl', `zen.spamhaus.org', `"554 Rejected " $&{client_addr}
    " zen.spamhaus.org"', `t', `127.0.0.3.',`127.0.0.4.')dnl

    Sep 17 15:45:09 sendmail[125009]: STARTTLS=server,
    relay=122-151-202-217.sta.wbroadband.net.au [122.151.202.217],

    Does the blocking work sometimes, never, ... ?
    Some "libraries" mess around with DNS lookups and return bogus
    results in case of timeouts etc - do you have one of those
    systems (systemd and "weird" lookup mechanisms)?


    I checked yesterday one hour results, and then 88% works fine. I was
    also tcpdump'ing my own nameserver to check if the request was getting
    out. In this case it indeed went out. I have to admit I only checked
    this once.

    for ns in `dig +short -t ns zen.spamhaus.org`;do dig +short $ns; done |
    tr '\n' ' ' | sed 's/ / or net /g'

    tcpdump -nn -i any udp port 53 and net 116.202.1.62 or net 3.126.72.97
    or net 194.104.0.140 or net 64.225.92.25 or net 129.143.77.4 or net 88.198.122.239 or net 193.74.22.152 or net 45.32.152.178 or net
    193.2.1.39 or net 45.90.57.113 or net 195.123.246.204 or net
    213.81.185.73 or net 70.34.211.66 or net 82.118.21.219 or net
    45.32.182.8 or net 213.171.197.23 or net 138.68.119.104 or net
    104.238.191.78 or net 35.181.96.80 or net 85.94.194.12 or net 208.85.20.147



    At first I thought maybe zen.spamhaus.org was not returning anything
    because of some error, but when doing a tcpdump on this mail server I
    saw a dns request/answer at 15:45:08.

    That could have been the lookup of the hostname for the client IP
    done by sendmail.


    Yes I think the request of sendmail doing the lookup is going ok.

    I am wondering if there is a relationship between this waiting of the
    client issuing more smtp commands and sendmail 'flushing' the dnsbl
    lookup. Or maybe it flushes when STARTTLS is requested?

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Claus =?iso-8859-1?Q?A=DFmann?= @21:1/5 to None on Tue Sep 19 13:12:25 2023
    None wrote:

    I am wondering if there is a relationship between this waiting of the
    client issuing more smtp commands and sendmail 'flushing' the dnsbl
    lookup. Or maybe it flushes when STARTTLS is requested?

    The DNSBL lookups are done before a process to accept the connection
    is started and the result of the check_relay ruleset is passed
    to the "smtp" process.
    So the only way this can "fail" is if something goes wrong with
    the DNS lookup.
    As mentioned some "DNS" lookup code in C libraries is broken
    returning bogus results.
    You could turn on some debugging (-D /tmp/dns.log -d38.40)
    or increase the LogLevel to at least 10
    to get more info about lookups done via a "dns" map.
    That is probably the best way to track down the problem.

    --
    Note: please read the netiquette before posting. I will almost never
    reply to top-postings which include a full copy of the previous
    article(s) at the end because it's annoying, shows that the poster
    is too lazy to trim his article, and it's wasting the time of all readers.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From None@21:1/5 to All on Tue Sep 19 22:00:49 2023
    On 19/09/2023 19:12, Claus Aßmann wrote:
    None wrote:

    I am wondering if there is a relationship between this waiting of the
    client issuing more smtp commands and sendmail 'flushing' the dnsbl
    lookup. Or maybe it flushes when STARTTLS is requested?

    The DNSBL lookups are done before a process to accept the connection
    is started and the result of the check_relay ruleset is passed
    to the "smtp" process.
    So the only way this can "fail" is if something goes wrong with
    the DNS lookup.
    As mentioned some "DNS" lookup code in C libraries is broken
    returning bogus results.
    You could turn on some debugging (-D /tmp/dns.log -d38.40)
    or increase the LogLevel to at least 10
    to get more info about lookups done via a "dns" map.
    That is probably the best way to track down the problem.


    What about if multiple A records are returned by spamhaus? This is with
    more logging. You can see it works only with the 127.0.0.11, and below
    is the complete output with 3 records.



    Sep 19 21:32:13 out2 sendmail[152710]: NOQUEUE: connect from
    [149.113.65.182]
    Sep 19 21:32:13 out2 sendmail[152710]: NOQUEUE: dns 182.65.113.149.zen.spamhaus.org. => 127.0.0.11



    Sep 19 21:32:16 sendmail[152710]: 38JJWDsu152710: <-- AUTH LOGIN
    Sep 19 21:32:16 sendmail[152710]: 38JJWDsu152710: --- 334 VXNlcm5hbWU6
    Sep 19 21:32:17 sendmail[152710]: 38JJWDsu152710: --- 334 UGFzc3dvcmQ6
    Sep 19 21:32:20 sendmail[152710]: 38JJWDsu152710: --- 535 5.7.0
    authentication failed
    Sep 19 21:32:20 sendmail[152710]: 38JJWDsu152710: AUTH failure (LOGIN): authentication failure (-13) SASL(-13): authentication failure:
    checkpass failed, user=info@matthijsvanheijningen.com,
    relay=[149.113.65.182]


    [@log]# testrbl.sh 149.113.65.182
    149.113.65.182 (182.65.113.149)
    zen.spamhaus.org 127.0.0.4,127.0.0.3,127.0.0.11 "https://www.spamhaus.org/sbl/query/SBLCSS" "https://www.spamhaus.org/query/ip/149.113.65.182"
    bl.spamcop.net
    dul.rbl-dns.com


    [@log]# testrbl.sh 149.113.65.182
    149.113.65.182 (182.65.113.149)
    zen.spamhaus.org 127.0.0.3,127.0.0.11,127.0.0.4 "https://www.spamhaus.org/query/ip/149.113.65.182" "https://www.spamhaus.org/sbl/query/SBLCSS"
    bl.spamcop.net
    dul.rbl-dns.com


    [@log]# testrbl.sh 149.113.65.182
    149.113.65.182 (182.65.113.149)
    zen.spamhaus.org 127.0.0.11,127.0.0.4,127.0.0.3 "https://www.spamhaus.org/sbl/query/SBLCSS" "https://www.spamhaus.org/query/ip/149.113.65.182"
    bl.spamcop.net
    dul.rbl-dns.com

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Claus =?iso-8859-1?Q?A=DFmann?= @21:1/5 to None on Wed Sep 20 02:09:06 2023
    None wrote:

    What about if multiple A records are returned by spamhaus? This is with

    Good find!

    Add '-z -Z9' to the K line:
    Kednsbl dns -R A -a. -T<TMP> -r5 -z -Z9
    (note there are two spaces after "-z"!)
    and try again.

    --
    Note: please read the netiquette before posting. I will almost never
    reply to top-postings which include a full copy of the previous
    article(s) at the end because it's annoying, shows that the poster
    is too lazy to trim his article, and it's wasting the time of all readers.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From None@21:1/5 to All on Wed Sep 20 08:51:08 2023
    On 20/09/2023 08:09, Claus Aßmann wrote:
    None wrote:

    What about if multiple A records are returned by spamhaus? This is with

    Good find!

    Add '-z -Z9' to the K line:
    Kednsbl dns -R A -a. -T<TMP> -r5 -z -Z9
    (note there are two spaces after "-z"!)
    and try again.


    It matches nothing

    Sep 20 08:35:21 sendmail[157012]: NOQUEUE: connect from [45.123.202.2]
    Sep 20 08:35:21 sendmail[157012]: NOQUEUE: dns
    2.202.123.45.zen.spamhaus.org. => 127.0.0.3 127.0.0.4
    Sep 20 08:35:21 sendmail[157012]: AUTH: available mech=GSS-SPNEGO GSSAPI
    LOGIN PLAIN ANONYMOUS, allowed mech=EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN Sep 20 08:35:21 sendmail[157012]: 38K6ZLe9157012: Milter (mailfromd):
    init success to negotiate

    Sep 20 08:35:27 sendmail[157012]: 38K6ZLe9157012: --- 535 5.7.0
    authentication failed
    Sep 20 08:35:27 sendmail[157012]: 38K6ZLe9157012: AUTH failure (LOGIN): authentication failure (-13) SASL(-13): authentication failure:
    checkpass failed, user=xxxxxx, relay=[45.123.202.2]



    I am currently running with putting the same line 2 times

    FEATURE(`enhdnsbl', `zen.spamhaus.org', `"554 Rejected " $&{client_addr}
    " SPAM (zen.spamhaus.org)"', `t', `127.0.0.3.',`127.0.0.4.')dnl

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Claus =?iso-8859-1?Q?A=DFmann?= @21:1/5 to All on Wed Sep 20 03:39:24 2023
    FEATURE(`enhdnsbl', `zen.spamhaus.org', `"554 Rejected " $&{client_addr}
    " SPAM (zen.spamhaus.org)"', `t', `127.0.0.3.',`127.0.0.4.')dnl

    Unfortunately this requires many more changes...

    First: remove the trailing dot for each IP:
    FEATURE(`enhdnsbl', `zen.spamhaus.org', `"554 Rejected " $&{client_addr}" SPAM (zen.spamhaus.org)"', `t', `127.0.0.3',`127.0.0.4')dnl

    Next: put this enhdnsbl.m4 file into cf/fea*/
    (make sure nothing messed up the TABs!)

    Hopefully it will work...

    divert(-1)
    #
    # Copyright (c) 2000-2002, 2005-2007 Proofpoint, Inc. and its suppliers.
    # All rights reserved.
    #
    # By using this file, you agree to the terms and conditions set
    # forth in the LICENSE file which can be found at the top level of
    # the sendmail distribution.
    #
    #

    ifelse(defn(`_ARG_'), `',
    `errprint(`*** ERROR: missing argument for FEATURE(`enhdnsbl')')') divert(0)
    ifdef(`_EDNSBL_R_',`dnl',`dnl
    VERSIONID(`$Id: enhdnsbl.m4,v 1.13 2013-11-22 20:51:11 ca Exp $')
    LOCAL_CONFIG
    define(`_EDNSBL_R_',`')dnl
    # map for enhanced DNS based blocklist lookups
    Kednsbl dns -R A -T<TMP> -z -Z9 -r`'ifdef(`EDNSBL_TO',`EDNSBL_TO',`5')
    ')
    divert(-1)
    define(`_EDNSBL_SRV_', `_ARG_')dnl
    define(`_EDNSBL_MSG_',
    `ifelse(len(X`'_ARG2_),`1',`"550 Rejected: " $`'&{client_addr} " listed at '_EDNSBL_SRV_`"',
    X`'_ARG2_,`Xquarantine',`_EDNSBL_SRV_',
    `_ARG2_')')dnl
    define(`_EDNSBL_MSG_TMP_', `ifelse(_ARG3_,`t',`"451 Temporary lookup failure of " $`'&{client_addr} " at '_EDNSBL_SRV_`"',`_ARG3_')')dnl
    define(`_EDNSBL_MATCH_', `ifelse(len(X`'_ARG4_),`1',`$`'+',_ARG4_)')dnl define(`_EDNSBL_ACTION_',
    `ifelse(X`'_ARG2_,`Xquarantine',`$`'#error $`'@ quarantine',
    X`'_ARG2_,`Xdiscard',`$`'#discard',
    `$`'#error $`'@ 5.7.1')')dnl
    divert(8)
    # DNS based IP address spam list _EDNSBL_SRV_
    R$* $: $&{client_addr}
    R$-.$-.$-.$- $: <?> $(ednsbl $4.$3.$2.$1._EDNSBL_SRV_. $: OK $) R<?>OK $: OKSOFAR
    ifelse(len(X`'_ARG3_),`1',
    `R<?>$+<TMP> $: TMPOK',
    `R<?>$+<TMP> $#error $@ 4.4.3 $: _EDNSBL_MSG_TMP_')
    R<?>$* _EDNSBL_MATCH_ $* _EDNSBL_ACTION_ $: _EDNSBL_MSG_ ifelse(len(X`'_ARG5_),`1',`dnl',
    `R<?>$* _ARG5_ $* _EDNSBL_ACTION_ $: _EDNSBL_MSG_') ifelse(len(X`'_ARG6_),`1',`dnl',
    `R<?>$* _ARG6_ $* _EDNSBL_ACTION_ $: _EDNSBL_MSG_') ifelse(len(X`'_ARG7_),`1',`dnl',
    `R<?>$* _ARG7_ $* _EDNSBL_ACTION_ $: _EDNSBL_MSG_') ifelse(len(X`'_ARG8_),`1',`dnl',
    `R<?>$* _ARG8_ $* _EDNSBL_ACTION_ $: _EDNSBL_MSG_') ifelse(len(X`'_ARG9_),`1',`dnl',
    `R<?>$* _ARG9_ $* _EDNSBL_ACTION_ $: _EDNSBL_MSG_')
    divert(-1)


    --
    Note: please read the netiquette before posting. I will almost never
    reply to top-postings which include a full copy of the previous
    article(s) at the end because it's annoying, shows that the poster
    is too lazy to trim his article, and it's wasting the time of all readers.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From None@21:1/5 to All on Wed Sep 20 11:10:08 2023
    On 20/09/2023 09:39, Claus Aßmann wrote:
    FEATURE(`enhdnsbl', `zen.spamhaus.org', `"554 Rejected " $&{client_addr}
    " SPAM (zen.spamhaus.org)"', `t', `127.0.0.3.',`127.0.0.4.')dnl

    Unfortunately this requires many more changes...

    First: remove the trailing dot for each IP:
    FEATURE(`enhdnsbl', `zen.spamhaus.org', `"554 Rejected " $&{client_addr}" SPAM (zen.spamhaus.org)"', `t', `127.0.0.3',`127.0.0.4')dnl

    Next: put this enhdnsbl.m4 file into cf/fea*/
    (make sure nothing messed up the TABs!)

    Hopefully it will work...


    Looks like this goes well, thanks!

    Sep 20 10:25:33 sendmail[158098]: NOQUEUE: connect from [220.163.252.244]
    Sep 20 10:25:33 sendmail[158098]: NOQUEUE: dns 244.252.163.220.zen.spamhaus.org. => 127.0.0.4 127.0.0.11
    Sep 20 10:25:33 sendmail[158098]: NOQUEUE: --- 554 5.7.1 Rejected 220.163.252.244 SPAM (zen.spamhaus.org) (hold)


    Sep 20 10:26:56 sendmail[158116]: NOQUEUE: connect from cpe-68-174-46-227.hvc.res.rr.com [68.174.46.227]
    Sep 20 10:26:56 sendmail[158116]: NOQUEUE: dns
    227.46.174.68.zen.spamhaus.org. => 127.0.0.10 127.0.0.4 127.0.0.3
    Sep 20 10:26:56 sendmail[158116]: NOQUEUE: --- 554 5.7.1 Rejected
    68.174.46.227 SPAM (zen.spamhaus.org) (hold)


    ep 20 10:31:16 sendmail[158159]: NOQUEUE: connect from ip033.net-81-16-165.koping.net [81.16.165.33]
    Sep 20 10:31:16 sendmail[158159]: NOQUEUE: dns
    33.165.16.81.zen.spamhaus.org. => 127.0.0.11 127.0.0.4
    Sep 20 10:31:16 sendmail[158159]: NOQUEUE: --- 554 5.7.1 Rejected
    81.16.165.33 SPAM (zen.spamhaus.org) (hold)


    Sep 20 10:27:47 sendmail[158128]: NOQUEUE: connect from cpe-101-183-53-35.nb17.nsw.asp.telstra.net [101.183.53.35] (may be forged)
    Sep 20 10:27:47 sendmail[158128]: NOQUEUE: dns
    35.53.183.101.zen.spamhaus.org. => 127.0.0.3 127.0.0.10 127.0.0.4
    Sep 20 10:27:47 sendmail[158128]: NOQUEUE: --- 554 5.7.1 Rejected
    101.183.53.35 SPAM (zen.spamhaus.org) (hold)

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)