Chad M Stewart:
>
> It can be nice to have stupid systems out there that repeatedly connect and
> try to deliver junk, I can use for testing new rules. :) I'm trying to test
> blacklists in postscreen. From what I read on the postscreen readme, the
> following should work to block this IP, but alas the IP is still able to talk
> with smtpd. :(
>
>
> I'm running version 2.9.1, configuration /usr/local/etc/postfix
>
> May 12 19:20:55 mta01 postfix/postscreen[10488]: CONNECT from
> [211.155.26.83]:54916 to [192.168.7.30]:25
> May 12 19:20:55 mta01 postfix/postscreen[10488]: BLACKLISTED
> [211.155.26.83]:54916
> May 12 19:20:55 mta01 postfix/postscreen[10488]: PASS OLD
> [211.155.26.83]:54916
>
> From what I've read on the readme
>
> When the SMTP client address appears on the temporary whitelist,
> postscreen(8) logs this with the client address and port number as:
>
> PASS OLD [address]:port
>
> I don't understand why the IP would be whitelisted. I had stopped postfix,
> removed the postscreen cache and restarted postfix, thus no cache and this is
> the first time the IP has connected. Any ideas?
Because you have still have postscreen_blacklist_action = ignore.
Wietse
