I just installed a Postfix server and enabled DNSBL-based rejection with

    smtpd_recipient_restrictions =
        check_recipient_access hash:/usr/local/etc/postfix/conf/bozos,
        reject_non_fqdn_recipient,
        permit_sasl_authenticated,
        permit_mynetworks,
        reject_unauth_destination,
        reject_unlisted_recipient,
        reject_non_fqdn_sender,
        reject_unknown_sender_domain,
        reject_rbl_client zen.spamhaus.org
        reject_rbl_client b.barracudacentral.org,
        permit

It looks like it's working. Spam is getting rejected. In every case, though, there are multiple connections made with multiple rejects. For example:

    Apr 26 11:13:07 liam postfix/smtpd[22946]: connect from 130.43.53.23.dsl.dyn.forthnet.gr[130.43.53.23]
    Apr 26 11:13:08 liam postfix/smtpd[22946]: NOQUEUE: reject: RCPT from 130.43.53.23.dsl.dyn.forthnet.gr[130.43.53.23]: 554 5.7.1 Service unavailable; Client host [130.43.53.23] blocked using zen.spamhaus.org; http://www.spamhaus.org/query/bl?ip=130.43.53.23; from=<de...@site.careerbuilder.com> to=<kar...@domain.com> proto=ESMTP helo=<dyn.forthnet.gr>
    Apr 26 11:13:08 liam postfix/smtpd[22946]: lost connection after DATA from 130.43.53.23.dsl.dyn.forthnet.gr[130.43.53.23]
    Apr 26 11:13:08 liam postfix/smtpd[22946]: disconnect from 130.43.53.23.dsl.dyn.forthnet.gr[130.43.53.23]
    Apr 26 11:13:32 liam postfix/smtpd[22946]: connect from 130.43.53.23.dsl.dyn.forthnet.gr[130.43.53.23]
    Apr 26 11:13:32 liam postfix/smtpd[22946]: NOQUEUE: reject: RCPT from 130.43.53.23.dsl.dyn.forthnet.gr[130.43.53.23]: 554 5.7.1 Service unavailable; Client host [130.43.53.23] blocked using zen.spamhaus.org; http://www.spamhaus.org/query/bl?ip=130.43.53.23; from=<de...@site.careerbuilder.com> to=<kar...@domain.com> proto=ESMTP helo=<dyn.forthnet.gr>
    Apr 26 11:13:33 liam postfix/smtpd[22946]: lost connection after DATA from 130.43.53.23.dsl.dyn.forthnet.gr[130.43.53.23]
    Apr 26 11:13:33 liam postfix/smtpd[22946]: disconnect from 130.43.53.23.dsl.dyn.forthnet.gr[130.43.53.23]
    Apr 26 11:13:59 liam postfix/smtpd[22946]: connect from 130.43.53.23.dsl.dyn.forthnet.gr[130.43.53.23]
    Apr 26 11:13:59 liam postfix/smtpd[23175]: connect from 130.43.53.23.dsl.dyn.forthnet.gr[130.43.53.23]
    Apr 26 11:14:00 liam postfix/smtpd[22946]: NOQUEUE: reject: RCPT from 130.43.53.23.dsl.dyn.forthnet.gr[130.43.53.23]: 554 5.7.1 Service unavailable; Client host [130.43.53.23] blocked using zen.spamhaus.org; http://www.spamhaus.org/query/bl?ip=130.43.53.23; from=<vie...@site.careerbuilder.com> to=<kar...@domain.com> proto=ESMTP helo=<dyn.forthnet.gr>
    Apr 26 11:14:00 liam postfix/smtpd[23175]: NOQUEUE: reject: RCPT from 130.43.53.23.dsl.dyn.forthnet.gr[130.43.53.23]: 554 5.7.1 Service unavailable; Client host [130.43.53.23] blocked using zen.spamhaus.org; http://www.spamhaus.org/query/bl?ip=130.43.53.23; from=<ale...@site.careerbuilder.com> to=<kar...@domain.com> proto=ESMTP helo=<dyn.forthnet.gr>
    Apr 26 11:14:00 liam postfix/smtpd[22946]: lost connection after DATA from 130.43.53.23.dsl.dyn.forthnet.gr[130.43.53.23]
    Apr 26 11:14:00 liam postfix/smtpd[22946]: disconnect from 130.43.53.23.dsl.dyn.forthnet.gr[130.43.53.23]
    Apr 26 11:14:00 liam postfix/smtpd[23175]: lost connection after DATA from 130.43.53.23.dsl.dyn.forthnet.gr[130.43.53.23]
    Apr 26 11:14:00 liam postfix/smtpd[23175]: disconnect from 130.43.53.23.dsl.dyn.forthnet.gr[130.43.53.23]

In the end it's getting blocked, and that's what I want. But, if I understand how this works, every one of those rejects is a DNS check to Spamhaus, and some Postfix load on my server.

Can I somehow configure it to be more efficient about this? Maybe somehow cache the rejected IP for 15 mins or something?

I'll first ask how to do this without postscreen.

--
Thanks,
Karen
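
To put a number on the repeat rejects described in the post above, the following added example (not part of the original post, and not Postfix code) parses smtpd DNSBL reject lines and counts, per client IP and list, how many rejects would have fallen inside a 15-minute verdict cache. The function name, the cache model and the default year (syslog timestamps carry none) are assumptions of this example.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Four reject lines and two non-reject lines copied from the log excerpt in the post.
SAMPLE_LOG = """\
Apr 26 11:13:07 liam postfix/smtpd[22946]: connect from 130.43.53.23.dsl.dyn.forthnet.gr[130.43.53.23]
Apr 26 11:13:08 liam postfix/smtpd[22946]: NOQUEUE: reject: RCPT from 130.43.53.23.dsl.dyn.forthnet.gr[130.43.53.23]: 554 5.7.1 Service unavailable; Client host [130.43.53.23] blocked using zen.spamhaus.org; http://www.spamhaus.org/query/bl?ip=130.43.53.23; from=<de...@site.careerbuilder.com> to=<kar...@domain.com> proto=ESMTP helo=<dyn.forthnet.gr>
Apr 26 11:13:08 liam postfix/smtpd[22946]: lost connection after DATA from 130.43.53.23.dsl.dyn.forthnet.gr[130.43.53.23]
Apr 26 11:13:32 liam postfix/smtpd[22946]: NOQUEUE: reject: RCPT from 130.43.53.23.dsl.dyn.forthnet.gr[130.43.53.23]: 554 5.7.1 Service unavailable; Client host [130.43.53.23] blocked using zen.spamhaus.org; http://www.spamhaus.org/query/bl?ip=130.43.53.23; from=<de...@site.careerbuilder.com> to=<kar...@domain.com> proto=ESMTP helo=<dyn.forthnet.gr>
Apr 26 11:14:00 liam postfix/smtpd[22946]: NOQUEUE: reject: RCPT from 130.43.53.23.dsl.dyn.forthnet.gr[130.43.53.23]: 554 5.7.1 Service unavailable; Client host [130.43.53.23] blocked using zen.spamhaus.org; http://www.spamhaus.org/query/bl?ip=130.43.53.23; from=<vie...@site.careerbuilder.com> to=<kar...@domain.com> proto=ESMTP helo=<dyn.forthnet.gr>
Apr 26 11:14:00 liam postfix/smtpd[23175]: NOQUEUE: reject: RCPT from 130.43.53.23.dsl.dyn.forthnet.gr[130.43.53.23]: 554 5.7.1 Service unavailable; Client host [130.43.53.23] blocked using zen.spamhaus.org; http://www.spamhaus.org/query/bl?ip=130.43.53.23; from=<ale...@site.careerbuilder.com> to=<kar...@domain.com> proto=ESMTP helo=<dyn.forthnet.gr>
"""

# Matches only smtpd RCPT-stage rejects that name a blocklist ("blocked using <list>;").
REJECT_RE = re.compile(
    r"^(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d) \S+ postfix/smtpd\[\d+\]: NOQUEUE: reject: "
    r"RCPT from \S+\[(?P<ip>[^\]]+)\]: \d{3} .*?blocked using (?P<dnsbl>[^;\s]+);"
)

def repeat_rejects(log_text, window_seconds=900, year=2000):
    """Per (client IP, DNSBL): total rejects, rejects a cache would have covered, time span."""
    seen = defaultdict(list)
    for line in log_text.splitlines():
        m = REJECT_RE.match(line)
        if m:  # connect/disconnect/lost-connection lines are skipped
            ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            seen[(m["ip"], m["dnsbl"])].append(ts)
    report = {}
    for key, times in seen.items():
        times.sort()
        cached_until, hits = None, 0
        for t in times:
            if cached_until is not None and t <= cached_until:
                hits += 1  # verdict for this client would still be cached
            else:
                cached_until = t + timedelta(seconds=window_seconds)  # new cache entry
        report[key] = {"rejects": len(times), "cache_hits": hits,
                       "span_seconds": int((times[-1] - times[0]).total_seconds())}
    return report

if __name__ == "__main__":
    for (ip, dnsbl), stats in repeat_rejects(SAMPLE_LOG).items():
        print(ip, dnsbl, stats)
```
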