Petre Bandac:
> hello
>
> in the last period I had several complains about mail originating from
> yahoo/gmail not reaching the mailbox
>
> logging in the logs I found entries like this:
>
> ###
> Jun 16 10:07:12 mx postfix/smtpd[27072]: NOQUEUE: reject: RCPT from
> mail-fx0-f67.google.com[209.85.161.67]: 554 5.7.1 Service unavailable;
> Client host [209.85.161.67] blocked using dnsbl.sorbs.net; Currently
> Sending Spam See: http://www.sorbs.net/lookup.shtml?209.85.161.67;
> from=<x...@clicknet.ro> to=<x...@xxxx.ro> proto=ESMTP
> helo=<mail-fx0-f67.google.com>
If you disagree with dnsbl.sorbs.net's listing policies, then don't
use that service,
Wietse
> ###
>
> I figure I have the following options
>
> 1 - disable rbl checks (which I did, at the client's request; they
> also didn't feel right with the greylist settings, so I had to shut
> down that too earlier)
>
> 2 - whitelist all mail originating from yahoo/gmail/google.com by
> putting them in the files for check_client_access and
> check_sender_access (btw, is this redundant?) and keep rbl queries
>
> is there any (more) elegant solution for keeping rbl queries and allow
> legit yahoo/gmail emails ?
>
>
> thanks,
>
> petre
>
> ###
>
> excerpt from postconf -n
>
>
>
> smtpd_recipient_restrictions =
>
> check_sender_access hash:/usr/local/etc/postfix/sender_checks,
> permit_sasl_authenticated,
> permit_mynetworks,
> check_client_access
> hash:/usr/local/etc/postfix/spammers-accepted,
> reject_non_fqdn_recipient,
> reject_unknown_sender_domain,
> reject_unknown_recipient_domain,
> reject_unauth_destination,
> reject_unauth_pipelining,
> reject_invalid_hostname,
> reject_non_fqdn_hostname,
> permit_mx_backup,
> reject
>
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_authenticated_header = yes
> smtpd_sasl_security_options = noanonymous
> smtpd_sender_restrictions = permit_sasl_authenticated,
> permit_mynetworks, reject_unauth_destination
> transport_maps = hash:/usr/local/etc/postfix/transport
> unknown_address_reject_code = 554
> unknown_client_reject_code = 554
> unknown_hostname_reject_code = 554
> unknown_local_recipient_reject_code = 550
> virtual_alias_maps =
> mysql:/usr/local/etc/postfix/mysql_virtual_alias_maps.cf
> virtual_gid_maps = static:99
> virtual_mailbox_base = /usr/local/virtual
> virtual_mailbox_domains =
> mysql:/usr/local/etc/postfix/mysql_virtual_domains_maps.cf,
> mysql_relay_domains_maps.cf
> virtual_mailbox_limit = 51200000
> virtual_mailbox_maps =
> mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf
> virtual_minimum_uid = 1001
> virtual_transport = maildrop
> virtual_uid_maps = static:1001
>
>
>
>
>
>
>
>
> --
>
> Petre Bandac
>
> Network Scientist
>
> -
>
> pe...@kgb.ro
-- End of PGP section, PGP failed!
