Hi,
because Postfix 2.11 config has been blocking legitimate servers in the
past, I added a white list before the reject_rbl_client listings.
smtpd_client_restrictions =
permit_dnswl_client list.dnswl.org,
reject_rbl_client ix.dnsbl.manitu.net,
# reject_rbl_client zen.spamhaus.org,
reject_rbl_client dul.dnsbl.sorbs.net,
reject_rbl_client bl.spamcop.net
# reject_rbl_client dnsbl.sorbs.net
Unfortunately these dnswl lookups do not work. I'm always getting this
warning in my logs. No matter which mail server connects:
_____________________________________________________________________
Mar 5 09:18:13 mx0 postfix/smtpd[25201]: connect from
vmx-5.kjm2.de[85.10.252.144]
Mar 5 09:18:14 mx0 postfix/smtpd[25201]: warning:
144.252.10.85.list.dnswl.org: RBL lookup error: Host or domain name not
found. Name service error for name=144.252.10.85.list.dnswl.org type=A:
Host not found, try again
Mar 5 09:18:14 mx0 postfix/smtpd[25201]: 1295120119E:
client=vmx-5.kjm2.de[85.10.252.144]
_____________________________________________________________________
Did I miss something in my config?
Thanks,
Michael
mine@mx0:~$ postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
config_directory = /etc/postfix
mailbox_size_limit = 0
message_size_limit = 52428800
mydestination = localhost, $myhostname
myhostname = mx0.neurohr.at
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 [fe80::]/64
myorigin = $mydomain
procmail_destination_recipient_limit = 1
readme_directory = no
recipient_delimiter = +
relayhost =
smtp_bind_address6 = 2a01:4f8:151:30c7::20
smtp_tls_security_level = may
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_client_restrictions = permit_dnswl_client list.dnswl.org,
reject_rbl_client ix.dnsbl.manitu.net, reject_rbl_client
dul.dnsbl.sorbs.net, reject_rbl_client bl.spamcop.net
smtpd_recipient_restrictions = permit_sasl_authenticated,
reject_non_fqdn_sender, reject_non_fqdn_recipient,
reject_unknown_client_hostname, reject_unknown_sender_domain,
reject_unknown_recipient_domain, permit_mynetworks,
reject_unauth_destination, permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_tls_CAfile = /etc/ssl/private/mailserver/ca-bundle.crt
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/ssl/private/mailserver/mx0.neurohr.at.pem
smtpd_tls_key_file = /etc/ssl/private/mailserver/mx0.neurohr.at.key
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
transport_maps = hash:/etc/postfix/transport
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf
virtual_mailbox_domains =
mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
virtual_transport = lmtp:unix:private/dovecot-lmtp
