Hi,
On Thu, Jan 25, 2018 at 9:45 AM, Matus UHLAR - fantomas
<uh...@fantomas.sk> wrote:
> On 25.01.18 09:13, Alex wrote:
>>
>> I'm trying to understand where this message is coming from. The IP
>> resolves to a google address, and is blacklisted on sorbs and others,
>> but postscreen also says it was whitelisted here.
>>
>> I'm not directly rejecting this IP on my system and also don't see
>> "Domain is spam" anywhere.
>>
>> Can someone help me understand how this IP is being rejected?
>>
>> Jan 22 05:51:11 mail03 postfix/postscreen[21814]: CONNECT from
>> [209.85.216.174]:39727 to [68.195.123.45]:25
>> Jan 22 05:51:11 mail03 postfix/postscreen[21814]: WHITELISTED
>> [209.85.216.174]:39727
>> Jan 22 05:51:11 mail03 postfix/smtpd[21852]: NOQUEUE: reject: RCPT
>> from mail-qt0-f174.google.com[209.85.216.174]: 554 5.7.1
>> <em...@suhaskumar.com>: Sender address rejected: Domain is spam;
>> from=<em...@suhaskumar.com> to=<serv...@example.com> proto=ESMTP
>> helo=<mail-qt0-f174.google.com>
>> Jan 22 05:51:11 mail03 postfix/smtpd[21852]: disconnect from
>> mail-qt0-f174.google.com[209.85.216.174] ehlo=2 starttls=1 mail=1
>> rcpt=0/1 data=0/1 quit=1 commands=5/7
>>
>> I have many other instances of having received mail from this IP
>> without incident. Is it related to this domain?
>>
>> Below is my smtpd_sender_restrictions
>
>
> you apparently need to send other _restrictions - the message can be
> rejected in any of those.
Yes, thank you, I should have included it all originally. I've
searched for '209.85' in all of the local postfix files and the only
occurrence is "209.85.128.0/17 permit" in gmail_whitelist.cidr,
updated regularly.
smtpd_recipient_restrictions =
reject_non_fqdn_recipient,
reject_non_fqdn_sender,
reject_unlisted_recipient,
reject_unknown_recipient_domain,
permit_mynetworks,
reject_unauth_destination,
reject_rhsbl_reverse_client mykey.dbl.dq.spamhaus.net,
reject_rhsbl_sender mykey.dbl.dq.spamhaus.net,
reject_rhsbl_helo mykey.dbl.dq.spamhaus.net,
check_sender_access hash:/etc/postfix/check_backscatterer,
check_helo_access pcre:/etc/postfix/helo_checks.pcre,
check_helo_access hash:/etc/postfix/helo_checks,
reject_non_fqdn_helo_hostname,
reject_invalid_helo_hostname,
check_policy_service unix:private/policy-spf,
check_policy_service inet:127.0.0.1:2501,
check_recipient_access pcre:/etc/postfix/relay_recips_access,
check_recipient_access pcre:/etc/postfix/recipient_checks,
check_recipient_access pcre:/etc/postfix/relay_recip_checks,
permit
smtpd_client_restrictions =
permit_mynetworks,
check_client_access hash:/etc/postfix/client_checks,
check_reverse_client_hostname_access
pcre:/etc/postfix/fqrdns-042715a.pcre,
check_reverse_client_hostname_access
pcre:/etc/postfix/reverse_client_hostname_access.pcre,
check_client_access cidr:/etc/postfix/client_access_blocklist
check_client_access cidr:/etc/postfix/ransomware-ipbl
