>> Given the ip 1.2.3.4 - if postfix is configured to query the spamcop >> blacklist then a dns query like this is issued: >> >> [gerry@noc ~]$ dig 4.3.2.1.bl.spamcop.net >> [...] >> ;; ANSWER SECTION: >> 4.3.2.1.bl.spamcop.net. 300 IN A 91.195.240.87 > > But isn't this a commonly accepted conventions for RBLs that they return > addresses from 127.0.0.0/8 only in case of positive response? > > Shouldn't Postfix (or any other MTA) ignore the RBL response if it's not > from 127.0.0.0/8 range?
According to rfc5782 it's a convention but it also says that any returned A record must be interpreted as listed. So you can filter replies with postfix but it's optional. Best regards Gerald https://tools.ietf.org/html/rfc5782 (DNS Blacklists and Whitelists) 2.1. IP Address DNSxL The A record contents conventionally have the value 127.0.0.2, but MAY have other values as described below in Section 2.3. 2.3. Combined IP Address DNSxL There is no widely used convention for mapping sublist names to bits or values, beyond the convention that all A values SHOULD be in the 127.0.0.0/8 range to prevent unwanted network traffic if the value is erroneously used as an IP address. 6. Typical Usage of DNSBLs and DNSWLs A client MUST interpret any returned A record as meaning that an address or domain is listed in a DNSxL
