On Tue, Apr 07, 2009 at 12:24:27PM -0600, LuKreme wrote: > from postconf -n
Don't summarize the "postconf -n" output. All parameters are required, and relevant master.cf "-o foo=bar" overrides as necessary. > smtpd_recipient_restrictions = reject_non_fqdn_sender, > reject_non_fqdn_recipient, reject_unknown_sender_domain, > reject_invalid_hostname, permit_mynetworks, check_client_access > hash:$config_directory/pbs, permit_sasl_authenticated, > reject_unauth_destination, reject_unlisted_sender, check_client_access > cidr:/var/db/dnswl/postfix-dnswl-permit check_helo_access > pcre:$config_directory/helo_checks.pcre, check_sender_access > pcre:$config_directory/sender_access.pcre, check_client_access > pcre:$config_directory/check_client_fqdn.pcre, check_recipient_access > pcre:$config_directory/recipient_checks.pcre, check_client_access > hash:$config_directory/access, reject_rbl_client zen.spamhaus.org, permit > > smtpd_sender_restrictions = check_client_access hash:$config_directory/pbs, > permit_sasl_authenticated, permit_mynetworks > > checking pbs map (pop-before-smtp) > $ postmap -q 71.211.x.x hash:/etc/postfix/pbs > ok > > The timeout on pbs is around 60 minutes. > > this is the log line that gets the IP address into pbs: > Apr 6 19:43:09 mail courier-i-ssl: LOGIN, user=user1, > ip=[::ffff:71.211.x.x], protocol=IMAP This is an IPv4 in IPv6 address, what form of this address did pop-before-smtp add to the database? > And here is the attempt to send: > Apr 6 19:44:53 mail postfix/smtpd[81337]: NOQUEUE: reject: RCPT from > 71-211-x-x.hlrn.qwest.net[71.211.x.x]: 554 5.7.1 Service unavailable; > Client host [71.211.x.x] blocked using zen.spamhaus.org; > http://www.spamhaus.org/query/bl?ip=71.211.x.x; > from=<us...@localdomain.tld> to=<us...@2ndlocaldomain.tld> proto=ESMTP > helo=<[192.168.0.3]> This is an IPv4 connection. Either too soon for the pbs listing to have been made, or the pbs lookup key is IPv6 (pbs supports such log entries at all). This made it because the recipient was not remote. Don't report similar issues without accompanying "postmap -q" results that demostrate the presence/absence of the expected keys/values. > > and also this: > pr 6 19:43:09 mail postfix/smtpd[81337]: NOQUEUE: reject: RCPT from > 71-211-x.x.hlrn.qwest.net[71.211.x.x]: 554 5.7.1 <user3@@earthlink.net>: > Relay access denied; from=<us...@localdomain.tld> to=<us...@earthlink.net> > proto=ESMTP helo=<[192.168.0.3]> This was blocked by "reject_unauth_destination". Consistent with ipv4 address not present as a lookup key in the "pbs" table. -- Viktor. Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the "Reply-To" header. To unsubscribe from the postfix-users list, visit http://www.postfix.org/lists.html or click the link below: <mailto:majord...@postfix.org?body=unsubscribe%20postfix-users> If my response solves your problem, the best way to thank me is to not send an "it worked, thanks" follow-up. If you must respond, please put "It worked, thanks" in the "Subject" so I can delete these quickly.
