Benny Pedersen:
>
> will it not make sense to not drop dnsbl rbl when its a pregreet ip that
> are dropped ?
The DNSBL/WL lookups start BEFORE the pregreet test, and as shown
in your example, the DNSBL/WL lookups usually complete before the
client pregreets.
Since the DNS resolver (which not part of Postfix) is looking up
the DNSBL/WL information anyway, it would be wasteful for Postfix
not to log the result. The result is useful to determine if pregreet
tests block any clients that aren't already blocked by DNSBL. On
my system, that's about 3% of all pregreet clients, and about 5%
of pregreet client connections.
postscreen does not cache failed tests. That keeps most of the
pregreeters out of the postscreen cache.
Wietse
> Apr 21 11:21:10 localhost postfix/postscreen[27441]: CONNECT from
> [49.76.12.130]:53055 to [176.58.121.172]:25
> Apr 21 11:21:10 localhost postfix/dnsblog[27442]: addr 49.76.12.130
> listed by domain zen.spamhaus.org as 127.0.0.11
> Apr 21 11:21:10 localhost postfix/dnsblog[27442]: addr 49.76.12.130
> listed by domain zen.spamhaus.org as 127.0.0.4
> Apr 21 11:21:10 localhost postfix/postscreen[27441]: PREGREET 16 after
> 0.3 from [49.76.12.130]:53055: EHLO lj5yJxNn4\r\n
> Apr 21 11:21:10 localhost postfix/postscreen[27441]: DNSBL rank 7 for
> [49.76.12.130]:53055
> Apr 21 11:21:11 localhost postfix/postscreen[27441]: HANGUP after 0.6
> from [49.76.12.130]:53055 in tests after SMTP handshake
> Apr 21 11:21:11 localhost postfix/postscreen[27441]: DISCONNECT
> [49.76.12.130]:53055
