When postscreen rejects an incoming email because it exceeds the dnsbl/rbl
score, how does it decide which rbl to report back to client as the cause
of the rejection - since it only reports one? Is it just the first one to
respond? Or random?

See below for an (lightly obfuscated) example:
08:15:26 myhost postfix/postscreen[29782]: CONNECT from
[188.59.147.103]:57447 to [192.168.101.82]:25
08:15:26 myhost postfix/dnsblog[29788]: addr 188.59.147.103 listed by
domain zen.dq.spamhaus.net as 127.0.0.3
08:15:26 myhost postfix/dnsblog[29785]: addr 188.59.147.103 listed by
domain b.barracudacentral.org as 127.0.0.2
08:15:26 myhost postfix/dnsblog[29788]: addr 188.59.147.103 listed by
domain zen.dq.spamhaus.net as 127.0.0.4
08:15:26 myhost postfix/dnsblog[29788]: addr 188.59.147.103 listed by
domain zen.dq.spamhaus.net as 127.0.0.11
08:15:26 myhost postfix/dnsblog[29791]: addr 188.59.147.103 listed by
domain truncate.gbudb.net as 127.0.0.2
08:15:26 myhost postfix/dnsblog[29792]: addr 188.59.147.103 listed by
domain hostkarma.junkemailfilter.com as 127.0.0.2
08:15:27 myhost postfix/dnsblog[29787]: addr 188.59.147.103 listed by
domain bl.fmb.la as 127.0.0.2
08:15:32 myhost postfix/postscreen[29782]: DNSBL rank 5 for
[188.59.147.103]:57447
08:15:32 myhost postfix/tlsproxy[29793]: CONNECT from [188.59.147.103]:57447
08:15:33 myhost postfix/tlsproxy[29793]: Anonymous TLS connection
established from [188.59.147.103]:57447: TLSv1.2 with cipher
ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
08:15:34 myhost postfix/postscreen[29782]: NOQUEUE: reject: RCPT from
[188.59.147.103]:57447: 550 5.7.1 Service unavailable; client
[188.59.147.103] blocked using b.barracudacentral.org; from=<
plucky...@bosahek.com>, to=<02f...@streamingbats.co.uk>, proto=ESMTP, helo=<
narlabsorgtw.bosahek.com>

Reply via email to