On 2023-04-09 13:53, Peter via Postfix-users wrote:
On 9/04/23 14:02, tom--- via Postfix-users wrote:
I have this setting in main.cf:
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
check_policy_service unix:private/policyd-spf,
reject_rbl_client zen.spamhaus.org,
reject_rbl_client bl.spamcop.net
When I sent message from a Spamhaus Zen listed IP (this IP not in my
whitelist), the message still came into system.
it seems reject_rbl_client zen.spamhaus.org has no effect.
Where should i debug it?
First off make sure that policyd isn't somehow returning an OK (or
equivalent) response, if you're not sure temporarily remove
"check_policy_service unix:private/policyd-spf," from your restrictions
above and see if it makes a difference.
what action code policyd should return for passing the request to next
check?
Secondly, and this is *very* important, make certain you are not using
your ISP's or another public DNS resolver (such as 8.8.8.8). You
*must* run your own DNS resolver for DNSRBLs to work properly.
I will try to setup my dns resolver locally.
Thank you.
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
