Timo Geusch:
> Based on zen.spamhaus.org's documentation 127.255.255.25[245] are
> actually error codes and not indicators of allow/denylisting - in this
> case, their error is that I was querying via a public resolver, see link
> here: https://www.spamhaus.org/faq/section/DNSBL%20Usage#200
So don't do that.
> The fix/workaround in my case is relatively easy as I mostly need to
> update the configuration for my local DNS server. That said, I'm not
> sure if postscreen should treat this kind of error as a denylisted server?
postscreen has no provider-specific parsing of DNSBL status codes.
Instead, postscreen assumes that all replies are true positives.
To select specific responses, see the fine postscreen_dnsbl_sites
documentation.
Wietse
