Re: dnswl doesn't work?

Tue, 03 Aug 2010 14:52:50 -0700 

On 8/3/2010 4:42 PM, Chris St Denis wrote:

  I've setup a dns whitelist from dnswl.org as per the
instructions here: http://www.dnswl.org/tech#postfix

However I've discovered it doesn't work, because I rejected an
email coming from a gmail server that got itself blacklisted
by sorbs, but it is on the whitelist.

Why is this not working?


Log of email transaction

    Aug 3 14:01:25 server postfix/smtpd[24064]: connect from
    mail-wy0-f180.google.com[74.125.82.180]
    Aug 3 14:01:26 server postfix/smtpd[24064]: NOQUEUE:
    reject: RCPT from mail-wy0-f180.google.com[74.125.82.180]:
    554 5.7.1 Service unavailable; Client host [74.125.82.180]
    blocked using dnsbl.sorbs.net; Currently Sending Spam See:
    http://www.sorbs.net/lookup.shtml?74.125.82.180;
    from=<remo...@gmail.com> to=<remo...@removed.com>
    proto=ESMTP helo=<mail-wy0-f180.google.com>
    Aug 3 14:01:26 server postfix/smtpd[24064]: disconnect
    from mail-wy0-f180.google.com[74.125.82.180]

my restrictions

    smtpd_recipient_restrictions = permit_mynetworks,
    permit_sasl_authenticated,
    reject_invalid_hostname,
    reject_unknown_recipient_domain,
    reject_unauth_destination,
    reject_invalid_helo_hostname,
    reject_non_fqdn_helo_hostname,
    *check_client_access
    cidr:/usr/local/etc/postfix/postfix-dnswl-permit,*
    reject_rbl_client zen.spamhaus.org,
    *reject_rbl_client dnsbl.sorbs.net,*
    check_policy_service inet:127.0.0.1:10031

server# grep -C 5 '74.125.82.180'
/usr/local/etc/postfix/postfix-permit

    74.125.83.44/32 permit_auth_destination none google.com
    DNSWLId 1429
    74.125.83.43/32 permit_auth_destination none google.com
    DNSWLId 1429
    74.125.83.42/32 permit_auth_destination none google.com
    DNSWLId 1429
    74.125.83.41/32 permit_auth_destination none google.com
    DNSWLId 1429
    74.125.82.187/32 permit_auth_destination none google.com
    DNSWLId 1429
    *74.125.82.180/32 permit_auth_destination none google.com
    DNSWLId 1429*
    74.125.82.174/32 permit_auth_destination none google.com
    DNSWLId 1429
    74.125.82.173/32 permit_auth_destination none google.com
    DNSWLId 1429
    74.125.82.172/32 permit_auth_destination none google.com
    DNSWLId 1429
    74.125.82.69/32 permit_auth_destination none google.com
    DNSWLId 1429
    74.125.82.65/32 permit_auth_destination none google.com
    DNSWLId 1429


The destination domain is in my virtual_mailbox_domains, and
destination email address in my virtual_mailbox_maps
Do you have reject_rbl_client dnsbl.sorbs.net somewhere else in your config? Show us your postconf -n output. 

Did you run "postfix reload" after editing main.cf?

  -- Noel Jones

Reply via email to