Gordan Bobic wrote: > I've just been looking through my mail logs to assess the effectiveness > of the RBLs, and I see things like the following: > > courieresmtpd: > error,relay=::ffff:88.236.181.253,from=<[EMAIL PROTECTED]>,to=<[EMAIL > PROTECTED]>: > 511 http://www.spamhaus.org/query/bl?ip=88.236.181.253 >
Should a legitimate message be rejected by RBL, it's useful to have those logs. Users will ask why they haven't received a message they expected, and you can look for the senders address in the logs to see if RBLs are at fault. > Since it has the from and to addresses listed, that implies that the RBL > was consulted after the MAIL FROM and RCPT TO commands were sent. Is > this not wrong? I would have thought that in the interest of wasting > fewer resources on spammers, RBL should be checked sooner. No, the DNS lookup happened at the beginning of the connection. smtpd just doesn't give errors until the RCPT command. smtpd won't accept messages (errors on DATA command), and as far as I know doens't even look up the addresses requested, so the resources consumed are a handful of bytes (rate limited by tarpitting). It's nothing to worry about. :) ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
