Le 16/06/2011 18:34, Petre Bandac a écrit : > hello > > in the last period I had several complains about mail originating from > yahoo/gmail not reaching the mailbox > > logging in the logs I found entries like this: > > ### > Jun 16 10:07:12 mx postfix/smtpd[27072]: NOQUEUE: reject: RCPT from > mail-fx0-f67.google.com[209.85.161.67]: 554 5.7.1 Service unavailable; > Client host [209.85.161.67] blocked using dnsbl.sorbs.net; Currently > Sending Spam See: http://www.sorbs.net/lookup.shtml?209.85.161.67; > from=<x...@clicknet.ro> to=<x...@xxxx.ro> proto=ESMTP > helo=<mail-fx0-f67.google.com>
http://en.wikipedia.org/wiki/Spam_and_Open_Relay_Blocking_System#Aggressiveness PS. your subject says "different" rbl's, but you only show one RBL. > [snip] > is there any (more) elegant solution for keeping rbl queries and allow > legit yahoo/gmail emails ? > use DNSWL. > [snip] > smtpd_recipient_restrictions = > > check_sender_access hash:/usr/local/etc/postfix/sender_checks, > permit_sasl_authenticated, > permit_mynetworks, > check_client_access > hash:/usr/local/etc/postfix/spammers-accepted, > reject_non_fqdn_recipient, > reject_unknown_sender_domain, > reject_unknown_recipient_domain, > reject_unauth_destination, > reject_unauth_pipelining, > reject_invalid_hostname, > reject_non_fqdn_hostname, > permit_mx_backup, > reject > 1) I see no reject_rbl_* 2) This is unsafe. do not put check_*_access before reject_unauth_destination. > [snip]
