Hi, It seems that I've found a serious bug in check_client_access (or something is missing in the documentation).
A message was blocked with the following in the log: Nov 3 21:16:55 ioooi postfix/smtpd[15423]: NOQUEUE: reject: RCPT from mx003.twitter.com[128.121.146.152]: 554 5.7.1 Service unavailable; Client host [128.121.146.152] blocked using bl.spamcop.net; Blocked - see http://www.spamcop.net/bl.shtml?128.121.146.152; from=<twitter-follow-xxxxxxxxxx=xxxxxx....@postmaster.twitter.com> to=<xxxxxxx...@xxxxxx.xxx> proto=ESMTP helo=<mx003.twitter.com> In my /etc/postfix/main.cf file, I have: smtpd_client_restrictions = permit_mynetworks, check_client_access hash:/etc/postfix/rbl_override, reject_rbl_client bl.spamcop.net, reject_rbl_client sbl.spamhaus.org and /etc/postfix/rbl_override contains in particular: .twitter.com OK /etc/postfix/rbl_override.db had been rebuilt with "postmap /etc/postfix/rbl_override". As .twitter.com matches subdomains, it should have matched mx003.twitter.com, and due to the ".twitter.com OK", the RBL's shouldn't have been checked. The machine is an Ubuntu 9.04 (jaunty), with the postfix 2.5.5-1.1 package. The machine has been rebooted since the latest config changes. -- Vincent Lefèvre <vinc...@vinc17.net> - Web: <http://www.vinc17.net/> 100% accessible validated (X)HTML - Blog: <http://www.vinc17.net/blog/> Work: CR INRIA - computer arithmetic / Arénaire project (LIP, ENS-Lyon)
