On Fri, 19 May 2017 12:27:23 -0400 (EDT) [email protected] (Wietse Venema) wrote:
> > I just added dbl.spamhaus.org: > > > > smtpd_sender_restrictions = > > reject_non_fqdn_sender > > reject_unknown_sender_domain > > reject_rhsbl_sender dbl.spamhaus.org > > [...further checks...] > > that is a setting for smtpd(8) That is just the reason I was wondering why these blacklisted domains still pass. > > This works fine. But if mail is sent from an ip which was already > > in the postscreen cache database before activating the DBL check, > > the DBL check > > Thew postscreen cache does not disable checks in smtpd. The only thing I can think about is that a domain is not yet on the DBL, spamassassin rejects the mail with a 5xx, the mail is in the queue because the sender is unreachable, and meanwhile the domain was added to the DBL. Hmmm, and now that I'm writing this I will have to check why smtpd does not apply a 5xx reject if the next hop (amavis) is generating a 5xx code. Anyway, there is no blame on Postfix: doing some checks using "swaks" things work as expected. R. -- richard lucassen http://contact.xaq.nl/
