On Tue, Dec 22, 2009 at 01:45:56PM +0100, Helga Mayer wrote: > Hello list, > > I have a problem with rejects due to cache entries. > We use policyd-weight-0.1.14-beta-17. > > This is the message found in the logfile: > > Dec 21 16:09:28 smtp2 postfix/smtpd[16364]: connect from > mail-telecontrol.customer.solnet.ch[82.220.17.226] > Dec 21 16:09:29 smtp2 postfix/policyd-weight[30193]: decided action=550 > temporarily blocked because of previous errors - retrying too fast. > penalty: 30 seconds x 0 retries.; <client=82.220.17.226> > <helo=smtp.telecontrol.ch> <from=$sen...@telecontrol.ch> > <to=$recipi...@uni-hohenheim.de>; delay: 0s > Dec 21 16:09:29 smtp2 postfix/smtpd[16364]: NOQUEUE: reject: RCPT from > mail-telecontrol.customer.solnet.ch[82.220.17.226]: 550 5.7.1 > <$recipi...@uni-hohenheim.de>: Recipient address rejected: temporarily > blocked > because of previous errors - retrying too fast. penalty: 30 seconds x 0 > retries.; from=<$sen...@telecontrol.ch> to=<$recipi...@uni-hohenheim.de> > proto=ESMTP helo=<smtp.telecontrol.ch> > > > There are no other log entries for 82.220.17.226 during the last 8 days. > The cache entry is:
[bz]grep 82.220.17.226 /var/log/...log... results only in this snippet? > policyd-weight -s|grep 82.220.17.226 > blocked: 82.220.17.226 1 0 1261408171 > 1261408171 (UNIX) is the date of the first (and only) reject + 2 seconds : > 1261408171 = Mon, 21 Dec 2009 15:09:31 GMT + 2 seconds indeed sounds strange but could be explained if the log is done in GMT (which would make it then a retry after 59:57 minutes). Is the policy service used by many machines or _only_ by localhost? > As a workaround we whitelisted the particular IP. > The headers of a mail received from this server are: > > Received: from smtp.telecontrol.ch (mail-telecontrol.customer.solnet.ch > [82.220.17.226]) > by smtp2.rz.uni-hohenheim.de (Postfix) with ESMTP > for <$recipi...@uni-hohenheim.de>; Tue, > 22 Dec 2009 12:23:13 +0100 (CET) > Received: from PRISM.telecontrol.local ([192.168.30.11]) by > PRISM.telecontrol.local ([192.168.30.11]) with mapi; Tue, 22 Dec 2009 > 12:23:18 +0100 Does lead to a reject, yes. SENDER % host telecontrol.ch telecontrol.ch has address 93.88.240.108 telecontrol.ch mail is handled by 5 mta-gw.infomaniak.ch. % host mta-gw.infomaniak.ch mta-gw.infomaniak.ch has address 84.16.68.126 mta-gw.infomaniak.ch has address 84.16.68.125 HELO % host smtp.telecontrol.ch smtp.telecontrol.ch is an alias for mail.infomaniak.ch. mail.infomaniak.ch has address 84.16.68.123 mail.infomaniak.ch has address 84.16.68.124 CLIENT % host mail-telecontrol.customer.solnet.ch mail-telecontrol.customer.solnet.ch has address 82.220.17.226 The client is in no relation (naming or subnet-wise) to sender or helo. Would the sender use a correct HELO, he wouldn't have this problem. -- Robert Felber (PGP: 896CF30B) Munich, Germany ____________________________________________________________ Policyd-weight Mailinglist - http://www.policyd-weight.org/