Hello, >> postfix/cleanup[15798]: AE60A602E4: reject: header From: "American >> Express" <fr...@aexp.com> from unknown[83.217.119.xx]; >> from=<fr...@aexp.com> to=<hostmas...@mydomain.tld> proto=ESMTP >> helo=<[83.217.119.xx]>: 5.7.1 aexp is a spamdomain. > >> Shouldn't the 5.7.1 be prefixed by a 550? Or, does postfix do this and >> it is not logged? > > The cleanup daemon gives the reject reply to the smtpd daemon. The > smtpd daemon then prepends an appropriate 5XX status code, effectively > making it SMTP-specific.
So this is why cleanup does not log the 5XX status code. Alright. Thanks for explaining. > I can't comment on whether this is an effective mail to block spam. No problem. It's unusual, I agree. I saw this domain in many slightly different contexts (e.g. in the client's helo, in the from header), trying to deliver to many bogative recipient addresses. Annoying, especially for domains that have a wildcard. Normally I wouldn't do blocking this way, but in this case it just prevents later tests, simply rejecting delivery on sight of the domain name. It's a small setup, mostly for myself so I don't think it can hurt. Mark
