Roland Plüss a écrit : >> There is no "dns bypass". I did not tell you to edit /etc/hosts. I told >> you to run the following command: >> >> host 2.0.0.127.zen.spamhaus.org >> >> in short, connect to your postfix server and in the terminal, type the >> line above, hit "ENTER" and see what the system tells you. "host" is >> similar to "nslookup". Am I clear now? >> > I know what host or nslookup is. I'm not stupid on that front. > It gives > 2.0.0.127.zen.spamhaus.org has address 127.0.0.4 > 2.0.0.127.zen.spamhaus.org has address 127.0.0.2 > 2.0.0.127.zen.spamhaus.org has address 127.0.0.10 >
Good. They don't block you. > It's just that you said they monitor the number of "dns queries". Now by > bypassing a query for the DNS I can put it locally on my machine so no > queries for the DNS goes out to the net. zen.spamhaus.org is a DNSBL (DNS based BlackList). you cannot use it without DNS (unless you pay for a feed). > Whatever I removed the line > from /etc/hosts for testing but it still doesn't seem to work. <humour> When you say "it"? do your mean the line or /etc/hosts? </humour> >> Also, post the output of >> postconf -n >> Last time you showed it, you did not have zen in your config. >> > postconf -n doesn't show the zen but I have it in my config. # grep smtpd_recipient_restrictions main.cf If you see two occurences or more, you have redefined it. postfix only uses the last. # grep smtpd_recipient_restrictions master.cf if you find some, they may be used in place of the one defined in main.cf If this doesn't help, then try this: 1- mv main.cf main.bak 2- postfix stop 3- postfix start if postfix starts succesfully, then it is the wrong main.cf. > > main.cf ( snippet ): > smtpd_recipient_restrictions = > permit_mynetworks, > reject_unauth_destination, > reject_non_fqdn_hostname, > reject_non_fqdn_sender, > reject_non_fqdn_recipient, > reject_unknown_recipient_domain, > reject_rbl_client zen.spamhaus.org, > permit > > Restarterted postfix multiple times. postconf -n still shows no sign of > zen. What gives? > postconf -n ( snippet ): > smtpd_helo_required = yes > smtpd_helo_restrictions = permit_mynetworks, check_helo_access > hash:/etc/postfix/helo_access, reject_invalid_helo_hostname, > reject_non_fqdn_helo_hostname, reject_unknown_helo_hostname, permit > smtpd_recipient_restrictions = > permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination > smtpd_sasl_auth_enable = no > smtpd_sasl_local_domain = > smtpd_sasl_security_options = noanonymous > smtpd_sender_restrictions = permit_mynetworks, check_sender_access > hash:/etc/postfix/sender_access, reject_non_fqdn_sender, > reject_unknown_sender_domain, reject_sender_login_mismatch, permit >
