@emailmp I don't see it in the default SA rules (nor it is in Rspamd). Furthermore, https://t.co/9lPCBqSsg0 is in SA uribl skip list. However, to my best knowledge, spammers are actively using Amazon SES for their actions (as well as many legit senders unfortunately).
@ovh_support_en@Hetzner_Online I really don't know where to write, as your support systems are "automated", but your port scan monitors triggers from #rspamd fuzzy checks (UDP 11335). I will appreciate any help as I don't want my servers to be blocked for users by some other bot
Rspamd infrastructure is down so far (the site, email, fuzzy etc). It was caused by the server fault. I have contacted the support but I don't know when they are able to reply, so I have no estimation for the downtime. I'm sorry for any inconveniences caused.
@ruudschilders It works. Your issue is probably related to https://t.co/6sjJIvJv6P as many of their users use dynamic IP addresses and this issue is NOT resolved yet.
One more thing to confirm: your IP will NOT be banned if you use 1.8.1 from Buster, nor 0.6.10 from Jessie, nor anything more recent from other Debian releases. My script detects different patterns that do not affect these versions listed above.
Please STOP using #rspamd 1.8.1 from Debian distros (e.g. buster). Your IP will be banned on https://t.co/7daGmxDdPD as this version causes extensive load on my servers due to a bug. Debian won't care of that. Please use only packages that are provided by #rspamd, not Debian.
Ok, I can confirm now that this issue have NOT been caused by the versions that are shipped with Debian. I'm sorry for the noise. But I still would recommend to use the packages from Rspamd itself.
@JulianKlode Thank you for looking into this! I've tried to prepare a patch for 1.8.1 and found that this version is not responsible for those messy requests. So we can probably leave it as is...
@vkhachaturov @workaround_org It seems that it was not 1.8.1 version that ruins my server but something older. And it is not 0.6.10 from jessie: it doesn't query https://t.co/7daGmxDdPD maps at all. Now it looks like a detective story...
@JulianKlode Ok, so my question is simple: who is going to fix it? It requires patching and I do not have resources to support such outdated versions. I've asked Debian developers not to include Rspamd mainly because of that.