I had
postscreen_dnsbl_sites = <the-key-to-hide>zen.dq.spamhaus.org
and
postscreen_dnsbl_reply_map = texthash:/etc/postfix/dnsbl_reply
in main.cf

and I had
<the-authorization-key-was-here>.zen.dq.spamhaus.net
zen.dq.spamhaus.org
in the /etc/postfix/dnsbl_reply file.

One of many emails sent from a Yahoo test account did happen to use a Yahoo
server listed by zen.dq.spamhaus.org and I did get back a reply with the
key exposed:

Remote host said: 550 5.7.1 Service unavailable; client [98.136.218.178]
blocked using <th-authorization-key-was-here>.zen.dq.spamhaus.org [RCPT_TO]

I then changed the one line in the main.cf from
postscreen_dnsbl_sites = <the-key-to-hide>zen.dq.spamhaus.org
to
postscreen_dnsbl_sites = zen.dq.spamhaus.org

and since then none of the test emails have been rejected.

How can I prove to myself that the Spamhaus list is actually being used now, as
opposed to not being used because of configuration?

-- 
Robert Lopez
Unix Systems Administrator
Central New Mexico Community College (CNM)
525 Buena Vista SE
Albuquerque, New Mexico 87106
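
An added example, not part of the original message and not Postfix code: an offline consistency check between a postscreen_dnsbl_sites value and a postscreen_dnsbl_reply_map texthash table. The Postfix documentation says that when no mapping is found, the actual DNSBL domain is used in the reply, so the check reports which name a rejected client would see. The key "examplekey0000" and all sample values are constructed.

```python
import re

def dnsbl_domains(sites_value):
    """Domains named in a postscreen_dnsbl_sites value, without =filter / *weight."""
    entries = [e for e in re.split(r"[,\s]+", sites_value) if e]
    return [re.split(r"[=*]", e, maxsplit=1)[0].lower() for e in entries]

def parse_texthash(text):
    """Parse 'key value' lines; blank lines and '#' comment lines are skipped."""
    table = {}
    for line in text.splitlines():
        fields = line.split(None, 1)
        if len(fields) == 2 and not fields[0].startswith("#"):
            table[fields[0].lower()] = fields[1].strip()
    return table

def audit(sites_value, reply_map_text, secret):
    """Return (rows, unused_keys).

    rows: (configured domain, name used in the reject reply, secret exposed?)
    unused_keys: reply-map keys that match no configured domain."""
    table = parse_texthash(reply_map_text)
    domains = dnsbl_domains(sites_value)
    rows = []
    for domain in domains:
        # No mapping found -> the actual DNSBL domain is what the client sees.
        shown = table.get(domain, domain)
        rows.append((domain, shown, secret.lower() in shown.lower()))
    unused = sorted(k for k in table if k not in domains)
    return rows, unused

# Constructed sample values; "examplekey0000" stands in for a real key.
SECRET = "examplekey0000"
REPLY_MAP = """# lookup key (actual domain)          name shown to clients
examplekey0000.zen.dq.spamhaus.net    zen.dq.spamhaus.org
"""
MATCHING = "examplekey0000.zen.dq.spamhaus.net*2"
MISMATCHED = "examplekey0000zen.dq.spamhaus.org"   # differs from the map key

if __name__ == "__main__":
    for label, sites in (("matching", MATCHING), ("mismatched", MISMATCHED)):
        rows, unused = audit(sites, REPLY_MAP, SECRET)
        for domain, shown, exposed in rows:
            print(f"{label}: {domain} -> {shown} exposed={exposed}")
        for key in unused:
            print(f"{label}: reply-map key never matched: {key}")
```

A reply-map key that never matches a configured domain is the sign that the table is not taking effect for that site.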
