On Wed, 19 Dec 2018 at 14:51, Matus UHLAR - fantomas <uh...@fantomas.sk> wrote:
> On 19.12.18 14:00, Stefan Bauer wrote: > >Dec 19 13:04:36 mx1 postfix/postscreen[4770]: CONNECT from > >[209.85.166.196]:52168 to [public-ip]:25 > >Dec 19 13:04:42 mx1 postfix/dnsblog[4774]: addr 209.85.166.196 listed by > >domain dnsbl.sorbs.net as 127.0.0.6 > >Dec 19 13:04:42 mx1 postfix/postscreen[4770]: PASS NEW > >[209.85.166.196]:52168 > >Dec 19 13:04:42 mx1 postfix/smtpd[4778]: connect from > >mail-it1-f196.google.com[209.85.166.196] > > > >why did google pass postscreen even though its listed in one of the RBL? > > > > > >postscreen_dnsbl_sites = zen.spamhaus.org*2 bl.spamcop.net*1 > >b.barracudacentral.org*1 dnsbl.sorbs.net*1 > >postscreen_blacklist_action = drop > >postscreen_dnsbl_action = enforce > > > >Am i missing something obvious? > > on some systems I have implemented postscreen with especially to avoid > refusing > mail just because of a single dnsbl listing. > > on some systems the google ranges are whitelisted. > This might help OP identify any non-default postscreen settings (kudos: Viktor) - LC_ALL=C join --check-order <(postconf -n) <(postconf -d | sed 's/=/(default:/; s/$/)/')|grep ^postscreen_
