smtpd_delay_reject = yes & Reject Logging

Prev: Simple hack to get $3000 to your home
Next: compile Postfix in static linking

From: Noel Jones on 11 Aug 2010 23:11

---

On 8/11/2010 8:44 PM, JunkYardMail1(a)Verizon.net wrote:
> With smtpd_delay_reject = yes
>
> Which of the restriction sections was the following logged
> rejection for?
> Or put another way, in which of the restriction sections was
> the rejection option "reject_rbl_client pbl.spamhaus.org" that
> resulted in the logged rejection?


Why would you put pbl.spamhaus.org in more than one section?


>
> Restriction Options:
> smtpd_client_restrictions
> smtpd_helo_restrictions
> smtpd_etrn_restrictions
> smtpd_sender_restrictions
> smtpd_recipient_restrictions
> smtpd_data_restrictions
> smtpd_end_of_data_restrictions
>
> Aug 10 19:00:14 RapidVPS1 postfix-mx/smtpd[9301]: NOQUEUE:
> reject: RCPT from unknown[190.40.76.65]: 521 5.7.1 Service
> unavailable; Client host [190.40.76.65] blocked using
> pbl.spamhaus.org;
> http://www.spamhaus.org/query/bl?ip=190.40.76.65;
> from=<code(a)blah.com> to=<code(a)blah.com> proto=SMTP
> helo=<client-190.40.76.65.speedy.net.pe>
>
> It says RCPT because that is the stage at which the rejections
> are processed when smtpd_delay_reject is enable. But that is
> not the restriction section the rejection was for.
>
> It was actually an smtpd_client_restrictions, so when
> smtpd_delay_reject is enabled would like it to be logged
> similarly to how it would be if smtpd_delay_reject was
> disabled. Designation of CONNECT rather than RCPT.
> Aug 10 19:00:14 RapidVPS1 postfix-mx/smtpd[9301]: NOQUEUE:
> reject: CONNECT from unknown[190.40.76.65]: 521 5.7.1 Service
> unavailable; Client host [190.40.76.65] blocked using
> pbl.spamhaus.org;
> http://www.spamhaus.org/query/bl?ip=190.40.76.65;
> from=<code(a)mydomain.com> to=<code(a)mydomain.com> proto=SMTP
> helo=<client-190.40.76.65.speedy.net.pe>
>
> When smtpd_delay_reject is disabled it would be logged as:
> Aug 10 19:00:14 RapidVPS1 postfix-mx/smtpd[9301]: NOQUEUE:
> reject: CONNECT from unknown[190.40.76.65]: 521 5.7.1 Service
> unavailable; Client host [190.40.76.65] blocked using
> pbl.spamhaus.org;
> http://www.spamhaus.org/query/bl?ip=190.40.76.65; proto=SMTP
>
> Hope this clarifies rather then muddies.
>
>



Don't use duplicate restrictions.

First  |  Prev  | 
Pages: 1 2 3 4 5
Prev: Simple hack to get $3000 to your home
Next: compile Postfix in static linking