JF Mezei a écrit : > I am new to the list. > > This is on OS-X Server 10.6.3 on an Xserve with postfix 2.5.5 that came > with the system. > > > I have a situation where using zen.spamhaus.org , spam gets through > despite zen saying that IP is bad. > > here is a sample error message: > > connect from cpe-67-252-139-22.buffalo.res.rr.com [67.252.139.22] > May 19 01:09:15 velo postfix/smtpdP26473]: warning: > 22.139.252.67.zen.spamhaus.org: RBL lookup error: Host or domain name > not found. Name service error for name=22.139.252.67.zen.spamhaus.org > type=A: Host not found, try again > > > > nslookup 22.139.252.67.zen.spamhaus.org > Server: 10.0.0.20 > Address: 10.0.0.20#53 > > Non-authoritative answer: > Name: 22.139.252.67.zen.spamhaus.org > Address: 127.0.0.10 > Name: 22.139.252.67.zen.spamhaus.org > Address: 127.0.0.4 > > > Is it possible that the postfix software barfs when the RBL lookup > returns multiple responses and lets the messsage through ?
See for yourself: May 21 01:47:21 imlil postmx/smtpd[71793]: NOQUEUE: reject: RCPT from 198-15.62-188.cust.bluewin.ch[188.62.15.198]: 554 5.7.1 Service unavailable; Client host [188.62.15.198] blocked using zen.spamhaus.org; http://www.spamhaus.org/query/bl?ip=188.62.15.198; from=<bavodiq6...@bluewin.ch> to=<mo...@netoyen.net> proto=ESMTP helo=<bluewin.ch> $ host 198.15.62.188.zen.spamhaus.org 198.15.62.188.zen.spamhaus.org has address 127.0.0.4 198.15.62.188.zen.spamhaus.org has address 127.0.0.11 > > Is there a way to fix this (other than removing zen and adding the > individual lists it contains) ? > > > This is a low volume server. And if I exceeded my daily quota, wouldn't > the nslookup command also fail ? > cold processes are more efficient than genius logic. please show your master.cf. if your smtpd is chrooted, you can take a 3 weeks vacation;-p second thing to say is to tell us more about which pieces of software you use for dns, and which forwarding mechanism you use (the reference is: you run a _real_ dns server locally, and you configure it to resolve directly, with no forwarding).
