On Mon, Aug 04, 2008 at 10:56:36AM -0400, Brian Evans - Postfix List wrote: > Nicolas KOWALSKI wrote: >> On Mon, Aug 04, 2008 at 08:58:01AM -0400, Charles Marcus wrote: >> >>> On 8/4/2008, Nicolas KOWALSKI ([EMAIL PROTECTED]) wrote: >>> >>>> Aug 4 14:17:18 petole postfix/smtpd[23545]: NOQUEUE: reject: RCPT >>>> from 225.96.68-86.rev.gaoland.net[86.68.96.225]: 554 5.7.1 Service >>>> unavailable; Client host [86.68.96.225] blocked using >>>> zen.spamhaus.org; >>>> >>> THAT was the client... >>> >>> http://www.spamhaus.org/query/bl?ip=86.68.96.225; >>> >>>> from=<[EMAIL PROTECTED]> to=<[EMAIL PROTECTED]> >>>> proto=ESMTP helo=<demisel.dyndns.org> >>>> >>> THAT was the helo... >>> >>> So, you're trying to whitelist a client using its helo... >>> >> But demisel.dyndns.org (currently) resolves to the above address >> (86.68.96.225) ; why doesn't postfix get it? > This is how it works: > Postfix receives a connect from an IP and does a lookup on that IP. > See what it returns yourself with 'host 86.68.96.225' > > In your case, the client address was 225.96.68-86.rev.gaoland.net (which > is a unqualified RDNS entry for a dynamic pool). > This is the value that check_client_access can find (either name or IP)
Ok, I think I get it now. > The client said 'EHLO demisel.dyndns.org'. > This is the value that check_helo_access can find, though somewhat > unreliable to whitelist. I apparently have no other choices to whitelist-before-rbl such a dynamic pool's host. Thanks to all, -- Nicolas
