using reject_rbl_client with rbldnsd daemon

Tue, 17 Feb 2009 11:07:31 -0800 

Hi,

I am attempting to setup and run my own dnsbl service.
I am using rbldnsd: Small Daemon for DNSBLs from 
http://www.corpit.ru/mjt/rbldnsd.html
I have setup the dnsbl daemon to run on server3.com (same server postfix is 
running on).
I have verified using dig that the A record is found:

dig @server3.com  -p 53 47.85.81.1.server3.com

; <<>> DiG 9.3.3rc2 <<>> @server3.com -p 53 47.85.81.1.server3.com
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 719
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;47.85.81.1.server3.com. IN A

;; ANSWER SECTION:
47.85.81.1.server3.com. 2100 IN A 127.0.0.2

;; Query time: 1 msec
;; SERVER: 1.81.85.97#53(1.81.85.97)
;; WHEN: Tue Feb 17 13:24:33 2009
;; MSG SIZE  rcvd: 70

I then started an smtp session from server2 (1.81.85.47). I am expecting 
postfix to refuse the connection,
however, it fails to find the A record and allows the mail to be sent.
Below is a snipet of the logs:

dict_lookup: smtpd_client_restrictions = reject_unauth_pipelining     
reject_rbl_client server3.com
mac_parse: reject_unauth_pipelining     reject_rbl_client server3.com
dict_eval: const  reject_unauth_pipelining     reject_rbl_client server3.com
connect from server2.com[1.81.85.47]
>>> START Client host RESTRICTIONS <<<
generic_checks: name=reject_unauth_pipelining
reject_unauth_pipelining: CONNECT
generic_checks: name=reject_unauth_pipelining status=0
generic_checks: name=reject_rbl_client
reject_rbl: Client host 1.81.85.47
dns_query: 47.85.81.1.server3.com (A): Host not found
ctable_locate: install entry key 47.85.81.1.server3.com
generic_checks: name=reject_rbl_client status=0
>>> END Client host RESTRICTIONS <<<
> server2.com[1.81.85.47]: 220 server3.com ESMTP Internet Inbound
watchdog_pat: 0x13641ed0
vstream_fflush_some: fd 13 flush 51
vstream_buf_get_ready: fd 13 got 28
< server2.com[1.81.85.47]: ehlo server2.com
>>> START Helo command RESTRICTIONS <<<


Has anyone used this rbldnsd daemon service with postfix?

Thanks - George


_________________________________________________________________
Stay up to date on your PC, the Web, and your mobile phone with Windows Live.
http://clk.atdmt.com/MRT/go/msnnkwxp1020093185mrt/direct/01/

Reply via email to