On 1/1/23 07:23, Forums wrote:
*/postfix/smtp[23430]: 4972423BAF: to=/**/, relay=192.168.1.160[192.168.1.160]:25, delay=0.99, delays=0.06/0.03/0.8/0.1, dsn=5.7.1, status=bounced (host 192.168.1.160[192.168.1.160] said: 554 5.7.1 Service unavailable; Sender address [no-re...@mehl-family.fr] blocked using dbl.spamhaus.org; Error: open resolver; https://www.spamhaus.org/returnc/pub/172.71.117.8 (in reply to RCPT TO command))/*
This is saying that the mail server at 192.168.1.160 is configured wrong for spamhaus. It is using one or more spamhaus RBLs, but it is configured with a public open resolver as its DNS server ... examples of this are 8.8.8.8 and 8.8.4.4, public DNS servers made by Google. If you visit the URL in the log message, it says "Queries cannot successfully be made to the Spamhaus free infrastructure via public/open resolvers. This is to protect the infrastructure from abuse by large-volume queriers."
The DNS server being used on 192.168.1.160 needs to change. I run a full install of bind9 on my mailserver. It isn't hosting any domains itself, it just serves as a local recursive caching resolver. Another commonly used solution for this is unbound.
/*postfix/smtp[23430]: 401F723BB0: to=*//*, relay=192.168.1.160[192.168.1.160]:25, delay=2.9, delays=0.01/0/0/2.9, dsn=5.1.1, status=bounced (host 192.168.1.160[192.168.1.160] said: 550 5.1.1*//**//*: Recipient address rejected: User unknown in virtual mailbox table (in reply to RCPT TO command))*/
This says that 192.168.1.160 looked up the recipient and didn't find it. It was not configured to relay that recipient for the connecting sender. So it bounced the message.
Thanks, Shawn
