[pfx] Re: spamlist checks
Hi, > On 23 Jun 2023, at 05:14, Fourhundred Thecat via Postfix-users > wrote: > > Spamhaus has some removal form on their website, but the page does not > work for me (it is stuck at: Checking if the site connection is secure) > > Anyway, I was trying to find out on which other spamlists I might be > blacklisted, and I found this checker: > > https://blacklistchecker.com/ > > (it does not have spamhaus check) > > Does anybody have experience with these kinds of checkers? > How reliable are they? Is this one good, or is there a better way to > check as many relevant spamlists as possible? You could try https://multirbl.valli.org/lookup/ But I'm pretty confident Spamhaus does not have an email addresses blocklist. And I'm pretty confident too that you're not blacklisted at all and that it is a configuration problem on recipient's side. patpro ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: Postfix: running a script on authentication failure
Hi, > On 22 Jun 2023, at 21:05, André Rodier via Postfix-users > wrote: > > What are you using on your side ? I'm running postfix on FreeBSD so I can use blacklistd. A blacklistd hook has been inserted in Postfix source code so treatment is triggered directly from events handled by Postfix. (some info about that, in NetBSD context: https://imil.net/blog/posts/2020/make-postfix-trigger-blacklistd-on-failed-authentication/) Postfix signals blacklistd on failed auth, blacklistd takes a decision according to its configuration. In general when the threshold is reached, the offending IP address (or the /24 if you want) is inserted in a firewall table. sample output: $ sudo blacklistctl dump -b | head -3 address/ma:port id nfail last access 103.4.64.124/32:587 OK 3/3 2023/06/22 04:24:29 115.23.23.103/32:587 OK 3/3 2023/06/22 01:37:53 > - Do you know any service, that I could use, to get the network to ban from > an IP address reputation, something like > crowdsec, for instance ? crowdsec would probably work, but I've only tried it as a source of bad IP to block. I've note tried it as a reporting tool for new bad IP that are not yet in the crowdsourced blacklist. number of IP in the crowdsec provided blocklist on my firewall: $ sudo pfctl -t crowdsec-blacklists -T show|wc -l 17336 cheers patpro ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: Question to reject_rbl_client zen.spamhaus.org
On 9 Apr 2023, at 08:18, tom--- via Postfix-users wrote: > >> First off make sure that policyd isn't somehow returning an OK (or >> equivalent) response, if you're not sure temporarily remove >> "check_policy_service unix:private/policyd-spf," from your restrictions >> above and see if it makes a difference. >> Secondly, and this is *very* important, make certain you are not using your >> ISP's or another public DNS resolver (such as 8.8.8.8). You *must* run your >> own DNS resolver for DNSRBLs to work properly. > > I was exactly using google DNS. Do u mean Google will block queries for RBL? Spamhaus is blocking most queries from public DNS resolver. Also, you should subscribe to their free Data Query Service: https://www.spamhaus.com/free-trial/sign-up-for-a-free-data-query-service-account/ It will give you a dedicated, personal key that can help bypassing public DNS limitation. patpro ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org