On 6/4/2010 6:29 PM, Drew Tomlinson wrote:
I'm finding the following in my mail log:
Jun 4 08:55:11 blacklamb postfix/smtpd[95132]: NOQUEUE: reject: RCPT
from outmail008.snc1.tfbnw.net[69.63.178.167]: 554 5.7.1 Service
unavailable;
Client host [69.63.178.167] blocked using bl.spamcop.net; Blocked - see
http://www.spamcop.net/bl.shtml?69.63.178.167;
from=<notification+o=6pg...@facebookmail.com>
to=<d...@mykitchentable.net> proto=ESMTP helo=<mx-out.facebook.com>
OK, I get it. Facebook email is being blocked because servers it uses
are on a SpamCop blacklist. How can I allow mail from servers
identifying themselves as<anything>.facebook.com before blacklist
processing?
Here is the relevant section of my main.cf file:
smtpd_client_restrictions =
check_client_access hash:/usr/local/etc/postfix/client_access,
reject_unauth_pipelining,
reject_rbl_client dnsbl.njabl.org,
reject_rbl_client bl.spamcop.net,
reject_rbl_client zen.spamhaus.org,
reject_rbl_client spam.dnsbl.sorbs.net,
reject_rbl_client web.dnsbl.sorbs.net,
reject_rbl_client smtp.dnsbl.sorbs.net,
reject_rbl_client dsn.rfc-ignorant.org
And here is the content of my ./client_access file:
facebookmail.com PERMIT
facebook.com PERMIT
I have used the postmap command to create client_access.db and issued
'postfix reload' to ensure changes take effect. However mail is still
blocked.
What am I missing?
You're using check_client_access, so postfix looks up the
client information; in this case outmail008.snc1.tfbnw.net and
69.63.178.167, neither of which are found in your access
table. See man 5 access "search order" to see how postfix
searches for subparts.
facebookmail.com is part of the sender address, facebook.com
is part of the HELO hostname.
Probably the easiest solution is to add
tfbnw.net OK
to your access table.
