On 8/21/12 9:25 AM, Brian Evans - Postfix List wrote:
On 8/21/2012 10:03 AM, Alfonso Alejandro Reyes Jiménez wrote:
Hi everyone.
I've postfix working great but I cant make the rbl works, I have the
configuration but when I test the configuration it seems not to be
working.
I'm testing with http://www.crynwr.com/spam/ Spamhaus has that ip
address listed but I'm still getting those emails.
As others have noted, you need a caching DNS resolver (named, unbound,
etc) and you should use dig or host to test.
smtpd_banner = $myhostname Microsoft ESMTP MAIL Service ready
No benefit to change this. Lying to computers does nothing.
smtpd_recipient_restrictions =
permit_mynetworks,permit_sasl_authenticated,reject_rbl_client
zen.spamhaus.org,reject_rhsbl_sender
dsn.rfc-ignorant.org,reject_unauth_destination
I would recommend putting reject_unauth_destination before RBL checks.
This will cut down the number of DNS queries which are limited amounts
for the free access.
Brian
Thanks for the tips, we have bind running on the server forwarded to a
public DNS server. We are not lying to computers we are lying to nessus
and that kind of software, is part of the systems hardening but thanks
for the tip.
I will follow your recomendation about the reject_unauth_destination.
Any other tip?
Regards.
