On Thu, 16 Jun 2011 23:07:33 +0200 Anno Domini the honourable mouss <mo...@ml.netoyen.net> wrote using one of his/her keyboards:
> Le 16/06/2011 22:33, Petre Bandac a écrit : > > On Thu, 16 Jun 2011 22:26:24 +0200 Anno Domini > > the honourable mouss <mo...@ml.netoyen.net> wrote using one of > > his/her keyboards: > > > >> Le 16/06/2011 18:34, Petre Bandac a écrit : > >>> hello > >>> > >>> in the last period I had several complains about mail originating > >>> from yahoo/gmail not reaching the mailbox > >>> > >>> logging in the logs I found entries like this: > >>> > >>> ### > >>> Jun 16 10:07:12 mx postfix/smtpd[27072]: NOQUEUE: reject: RCPT > >>> from mail-fx0-f67.google.com[209.85.161.67]: 554 5.7.1 Service > >>> unavailable; Client host [209.85.161.67] blocked using > >>> dnsbl.sorbs.net; Currently Sending Spam See: > >>> http://www.sorbs.net/lookup.shtml?209.85.161.67; > >>> from=<x...@clicknet.ro> to=<x...@xxxx.ro> proto=ESMTP > >>> helo=<mail-fx0-f67.google.com> > >> > >> > >> http://en.wikipedia.org/wiki/Spam_and_Open_Relay_Blocking_System#Aggressiveness > >> > >> PS. your subject says "different" rbl's, but you only show one RBL. > > > > sorry, I did a copy/paste after commenting the lines > > > > reject_rbl_client cbl.abuseat.org > > cbl is included in zen. check if you really want to check cbl... > > > reject_rbl_client zen.spamhaus.org > > reject_rbl_client dnsbl.sorbs.net > > you could try the "safe" subzone. but it's better to remove sorbs from > postfix. sorbs may be better in spamassassin. > > > reject_rbl_client combined.njabl.org > > zen includes part of njabl. grep your logs to see if the above catches > anything. > > > reject_rbl_client ix.dnsbl.manitu.net > > I have no experience with manitu. so I can't speak for that. I guess it is my fault, I have this combination of rbls since 2006-2007, guess I should review it and settle to fewer lists > > > > > >> > >>> [snip] > >>> is there any (more) elegant solution for keeping rbl queries and > >>> allow legit yahoo/gmail emails ? > >>> > >> > >> use DNSWL. > > did you see the line above? yes, I am studying the site as we speak thanks for all the shared information > > > > as a conclusion, I will stop using sorbs, as wietse pointed ... > > interesting how the easiest solutions are sometimes last to be taken > > in consideration :) > > When you add a DNSBL, use warn_if_reject for some time to see the > results. the following lists are considered "safe" at smtp time > (whatever is the definition of safe): > zen.spamhaus.org > bl.spamcop.net > psbl.surriel.com > korea.services.net > > but do not use any list without reading its policy. (if you read sorbs > policy, you'll see that they can list big players. you can disagree > with this, but it's their policy. the believe that "no one is too big > to block"). -- Petre Bandac Network Scientist - pe...@kgb.ro
signature.asc
Description: PGP signature
