On 2025-06-09 at 14:59:39 UTC-0400 (Mon, 9 Jun 2025 11:59:39 -0700)
Doug Hardie via Postfix-users <bc...@lafn.org>
is rumored to have said:
On my mail server:
mail# blacklistctl dump -br | tail
218.94.104.180/32:587 OK 3/3 4h12m17s
222.132.167.110/32:587 OK 3/3 1h59m1s
91.45.76.228/32:587 OK 3/3 5h1m53s
36.39.140.2/32:587 OK 3/3 5h9m34s
87.200.232.247/32:587 OK 6/3 4h3m9s
62.48.165.174/32:587 OK 99/3 8h37m15s
123.55.175.130/32:587 OK 4/3 8h15m35s
88.201.163.65/32:587 OK 4/3 4h20m37s
218.4.214.115/32:587 OK 15/3 58m17s
70.166.207.76/32:587 OK 13/3 8h21m19s
mail# blacklistctl dump -br | wc -l
704
mail# pfctl -a blacklistd/587 -t port587 -Ts | wc -l
609
The blacklisted IPs are in the pf tables. However, pf is not blocking
them. Using the next to last address above:
mail# grep 218.4.214.115 /var/log/maillog
Jun 9 10:21:57 mail postfix/postscreen[13719]: CONNECT from
[218.4.214.115]:55584 to [10.0.1.230]:25
Is a blacklistd entry for port587 supposed to block port 25?
I use blacklistd with ipfw, where the 'portxyz' tables are used in rules
that only block port xyz. I would expect that it does the same with pf.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo@toad.social and many *@billmail.scconsult.com
addresses)
Not Currently Available For Hire
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
