Re: [rlug] Problema cu Postfix si RBL-ul dnsl.njabl.org

Tue, 17 Oct 2006 13:22:50 -0700 

On 10/17/06, Razvan SANDU <[EMAIL PROTECTED]> wrote:

Cu acestea, incercand sa trimit un mail de la unele dintre IP-urile
fixe, autorizate sa faca relay prin acest server pentru domeniul
example.com (sediile organizatiei), primesc mereu mesajul:


Oct 17 20:28:20 mail1 postfix/smtpd[21627]: NOQUEUE: reject: RCPT from
oarecare.example.com [aa.bb.cc.dd]: 554 Service unavailable; Client host
[aa.bb.cc.dd] blocked using dnsl.njabl.org; This site is misconfigured
and too dumb to accept email; from=<[EMAIL PROTECTED]>
to=<[EMAIL PROTECTED]> proto=SMTP helo=<oarecare>


adresa aa.bb.cc.dd fiind valida (adresa locatiei din care trimit), iar
adresele expeditor si destinatar fiind de asemenea valide.


Din cate inteleg, adresa aa.bb.cc.dd este listata in RBL-ul
dnsl.njabl.org.


Verificand, acest lucru *nu se intampla* - toate adresele IP de tipul


hmm, ba se intimpla, e ceva problema  dnsbl-ul:

23:14:18 [aleria()$,0,~] host -a 170.95.28.69.dnsl.njabl.org
Trying "170.95.28.69.dnsl.njabl.org"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25301
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 3, ADDITIONAL: 3

;; QUESTION SECTION:
;170.95.28.69.dnsl.njabl.org.   IN      ANY

;; ANSWER SECTION:
170.95.28.69.dnsl.njabl.org. 60 IN      TXT     "This site is
misconfigured and too dumb to accept email"
170.95.28.69.dnsl.njabl.org. 60 IN      A       69.28.95.178

;; ADDITIONAL SECTION:
dns1.njabl.org.         42      IN      A       69.28.95.154
dns2.njabl.org.         52      IN      A       69.28.95.170
dns3.njabl.org.         52      IN      A       216.168.31.120

Received 234 bytes from 194.102.255.2#53 in 541 ms

dupa cum vezi, chiar IP-ul de la ei din "ograda" pare sa fie in BL,
dar chestia e urmatoarea:

" If no "=d.d.d.d" is specified, reject the request when the reversed
client network address is listed with any A record under rbl_domain"

problema e ca raspunde cu A       69.28.95.178 la orice query. Poti
(sort of) s-o rezolvi daca pui:

reject_rbl_client dnsl.njabl.org=127.0.0.2

dar restringi doar la o anumita cetegorie. Cam orice alt BL intoarce
NXDOMAIN la un query pentru un IP care nu e in BL.

Ia legatura cu njabl.org ? sau rsync zona si o corectezi.

_______________________________________________
RLUG mailing list
[email protected]
http://lists.lug.ro/mailman/listinfo/rlug

Raspunde prin e-mail lui