Am 22.08.2014 um 22:06 schrieb li...@rhsoft.net: > why don't "DNSBL rank 15" don't drop the connection? > my expectation was that it should even not make it to smtpd > > postscreen_cache_retention_time = 1d > postscreen_dnsbl_ttl = 10m > postscreen_dnsbl_threshold = 8 > postscreen_dnsbl_sites = dul.dnsbl.sorbs.net*8 > dnsbl.inps.de*7 > b.barracudacentral.org*7 > zen.spamhaus.org=127.0.0.[10;11]*7 > bl.spamcop.net*5 > cbl.abuseat.org*3 > zen.spamhaus.org=127.0.0.2*3 > zen.spamhaus.org=127.0.0.3*2 > zen.spamhaus.org=127.0.0.[4..7]*2 > ix.dnsbl.manitu.net*2 > dnsbl-1.uceprotect.net*1 > list.dnswl.org*-2
"postscreen_dnsbl_action = enforce" helps a lot :-) somehow unexpected and should be highlighted in the docs http://www.postfix.org/postconf.5.html#postscreen_dnsbl_threshold http://www.postfix.org/postconf.5.html#postscreen_dnsbl_sites BTW: the response should contain all involved lists instead only the first to help sane admins with compromised servers to realize the urgency after made it to a bundle of RBL's Aug 22 22:21:29 mail-gw postfix/dnsblog[1433]: addr 62.178.103.85 listed by domain dul.dnsbl.sorbs.net as 127.0.0.10 Aug 22 22:21:29 mail-gw postfix/dnsblog[1433]: addr 62.178.103.85 listed by domain zen.spamhaus.org as 127.0.0.11 Aug 22 22:21:29 mail-gw postfix/postscreen[1431]: DNSBL rank 15 for [62.178.103.85]:61581 Aug 22 22:21:29 mail-gw postfix/postscreen[1431]: NOQUEUE: reject: RCPT from [62.178.103.85]:61581: 550 5.7.1 Service unavailable; client [62.178.103.85] blocked using dul.dnsbl.sorbs.net; from=<**>, to=<**>, proto=ESMTP, helo=<**> Aug 22 22:21:29 mail-gw postfix/postscreen[1431]: HANGUP after 0.05 from [62.178.103.85]:61581 in tests after SMTP handshake Aug 22 22:21:29 mail-gw postfix/postscreen[1431]: DISCONNECT [62.178.103.85]:61581
