We found the following in postfix log while expecting test mail delivery: 2012-03-29T13:32:41+02:00 services/192.168.10.210 postfix/postscreen[1697]: [ID 197553 mail.info] NOQUEUE: reject: RCPT from [74.125.83.53]:56421: 450 4.3.2 Service currently unavailable; from=<sender@theirdomain <mailto:uh...@gazeta.pl>>, to=<recipient@ourdomain <mailto:ni...@instytutsztuki.us.edu.pl>>, proto=ESMTP, helo=<mail-ee0-f53.google.com>
2012-03-29T13:40:33+02:00 services/192.168.10.210 postfix/postscreen[1697]: [ID 197553 mail.info] NOQUEUE: reject: RCPT from [74.125.82.43]:35504: 450 4.3.2 Service currently unavailable; from=<<mailto:uh...@gazeta.pl>sender@theirdomain <mailto:uh...@gazeta.pl>>, to=<<mailto:ni...@instytutsztuki.us.edu.pl>recipient@ourdomain <mailto:ni...@instytutsztuki.us.edu.pl>>, proto=ESMTP, helo=<mail-wg0-f43.google.com> So, google.com got 450 from postscreen and repeated delivery from _other_ IP and then got another 450. It's possible the mail would not be delivered at all if google.com had sent it from different 60 thousands :-) IP addresses every time. The cure could be DNS whitelisting but we know it's not applicable in postscreen's permanent whitelist. We added then IP subnet 74.125.0.0/16 to permanent whitelist. But we know there are other ISPs who could send mail in a similar way. Does somebody have CIDR whitelist file of mail ISPs (a la postgrey whitelist clients) perhaps? Thanks, MU
smime.p7s
Description: Kryptograficzna sygnatura S/MIME
