On 8/11/2010 8:44 PM, junkyardma...@verizon.net wrote:
With smtpd_delay_reject = yes
Which of the restriction sections was the following logged
rejection for?
Or put another way, in which of the restriction sections was
the rejection option "reject_rbl_client pbl.spamhaus.org" that
resulted in the logged rejection?
Why would you put pbl.spamhaus.org in more than one section?
Restriction Options:
smtpd_client_restrictions
smtpd_helo_restrictions
smtpd_etrn_restrictions
smtpd_sender_restrictions
smtpd_recipient_restrictions
smtpd_data_restrictions
smtpd_end_of_data_restrictions
Aug 10 19:00:14 RapidVPS1 postfix-mx/smtpd[9301]: NOQUEUE:
reject: RCPT from unknown[190.40.76.65]: 521 5.7.1 Service
unavailable; Client host [190.40.76.65] blocked using
pbl.spamhaus.org;
http://www.spamhaus.org/query/bl?ip=190.40.76.65;
from=<c...@blah.com> to=<c...@blah.com> proto=SMTP
helo=<client-190.40.76.65.speedy.net.pe>
It says RCPT because that is the stage at which the rejections
are processed when smtpd_delay_reject is enable. But that is
not the restriction section the rejection was for.
It was actually an smtpd_client_restrictions, so when
smtpd_delay_reject is enabled would like it to be logged
similarly to how it would be if smtpd_delay_reject was
disabled. Designation of CONNECT rather than RCPT.
Aug 10 19:00:14 RapidVPS1 postfix-mx/smtpd[9301]: NOQUEUE:
reject: CONNECT from unknown[190.40.76.65]: 521 5.7.1 Service
unavailable; Client host [190.40.76.65] blocked using
pbl.spamhaus.org;
http://www.spamhaus.org/query/bl?ip=190.40.76.65;
from=<c...@mydomain.com> to=<c...@mydomain.com> proto=SMTP
helo=<client-190.40.76.65.speedy.net.pe>
When smtpd_delay_reject is disabled it would be logged as:
Aug 10 19:00:14 RapidVPS1 postfix-mx/smtpd[9301]: NOQUEUE:
reject: CONNECT from unknown[190.40.76.65]: 521 5.7.1 Service
unavailable; Client host [190.40.76.65] blocked using
pbl.spamhaus.org;
http://www.spamhaus.org/query/bl?ip=190.40.76.65; proto=SMTP
Hope this clarifies rather then muddies.
Don't use duplicate restrictions.
