Messages are not blocked when RBL has multiple DNS answers
in [Postfix]
|
From: JF Mezei on 21 May 2010 15:42 Wietse Venema wrote: > Your problem report had ZERO evidence that other Spamhaus lookups > succeed. Given a useless problem report, we are just wasting each > other's time. Thank you for your time. I will conclude that the software is perfectly able to handle DNS replies with multiple IP addresses and that the problem is purely at my end. (problem which did not exist when I was on a different SMTP server). I apologize for wasting your time and shall unsubscribe.
From: Larry Stone on 21 May 2010 16:08 On Fri, 21 May 2010, JF Mezei wrote: > Thank you for your time. I will conclude that the software is perfectly > able to handle DNS replies with multiple IP addresses and that the > problem is purely at my end. (problem which did not exist when I was on > a different SMTP server). > > I apologize for wasting your time and shall un subs cribe. (word broken up as it ran afoul of the admin command filter - LS). I see nothing has changed in the nearly 20 years since I first encountered this well-known (in some circles) Internet kook. As you have found, nothing is ever his problem and when told it is, he generally gets all huffy about it and departs, sometimes quite more rudely than he did this time. So if you responded and he seemed to just brush off your response (since he had already decided it was Postfix that was broken and was really just looking for confirmation of that and then to have Wieste fix it), don't take it personally. -- Larry Stone lstone19(a)stonejongleux.com
From: mouss on 21 May 2010 18:39
JF Mezei a �crit : > I am new to the list. > > This is on OS-X Server 10.6.3 on an Xserve with postfix 2.5.5 that came > with the system. > > > I have a situation where using zen.spamhaus.org , spam gets through > despite zen saying that IP is bad. > > here is a sample error message: > > connect from cpe-67-252-139-22.buffalo.res.rr.com [67.252.139.22] > May 19 01:09:15 velo postfix/smtpdP26473]: warning: > 22.139.252.67.zen.spamhaus.org: RBL lookup error: Host or domain name > not found. Name service error for name=22.139.252.67.zen.spamhaus.org > type=A: Host not found, try again > > > > nslookup 22.139.252.67.zen.spamhaus.org > Server: 10.0.0.20 > Address: 10.0.0.20#53 > > Non-authoritative answer: > Name: 22.139.252.67.zen.spamhaus.org > Address: 127.0.0.10 > Name: 22.139.252.67.zen.spamhaus.org > Address: 127.0.0.4 > > > Is it possible that the postfix software barfs when the RBL lookup > returns multiple responses and lets the messsage through ? See for yourself: May 21 01:47:21 imlil postmx/smtpd[71793]: NOQUEUE: reject: RCPT from 198-15.62-188.cust.bluewin.ch[188.62.15.198]: 554 5.7.1 Service unavailable; Client host [188.62.15.198] blocked using zen.spamhaus.org; http://www.spamhaus.org/query/bl?ip=188.62.15.198; from=<bavodiq6442(a)bluewin.ch> to=<mouss(a)netoyen.net> proto=ESMTP helo=<bluewin.ch> $ host 198.15.62.188.zen.spamhaus.org 198.15.62.188.zen.spamhaus.org has address 127.0.0.4 198.15.62.188.zen.spamhaus.org has address 127.0.0.11 > > Is there a way to fix this (other than removing zen and adding the > individual lists it contains) ? > > > This is a low volume server. And if I exceeded my daily quota, wouldn't > the nslookup command also fail ? > cold processes are more efficient than genius logic. please show your master.cf. if your smtpd is chrooted, you can take a 3 weeks vacation;-p second thing to say is to tell us more about which pieces of software you use for dns, and which forwarding mechanism you use (the reference is: you run a _real_ dns server locally, and you configure it to resolve directly, with no forwarding). |