[pfx] dnsbl check is frequently still run even though pregreet drops the connection

Wed, 08 Oct 2025 08:19:40 -0700 

Hi folks,
I have noted that a dnsbl check is frequently run, even if the pregreet conditions drop the connection. See log excerpt below. 


2025-10-05T00:22:58.444975+02:00 smtpsrv postfix/postscreen[320455]: 
PREGREET 11 after 0.02 from [196.251.92.11]:50682: EHLO User\r\n
2025-10-05T00:22:58.445051+02:00 smtpsrv postfix/postscreen[320455]: 
DISCONNECT [196.251.92.11]:50682
2025-10-05T00:22:58.488851+02:00 smtpsrv postfix/dnsblog[320460]: addr 
196.251.92.11 listed by domain zen.spamhaus.org as 127.0.0.9
2025-10-05T00:22:58.488998+02:00 smtpsrv postfix/dnsblog[320460]: addr 
196.251.92.11 listed by domain zen.spamhaus.org as 127.0.0.2
2025-10-05T00:22:58.489045+02:00 smtpsrv postfix/dnsblog[320460]: addr 
196.251.92.11 listed by domain zen.spamhaus.org as 127.0.0.4
2025-10-05T00:22:58.489088+02:00 smtpsrv postfix/dnsblog[320460]: addr 
196.251.92.11 listed by domain zen.spamhaus.org as 127.0.0.3



2025-10-06T09:09:29.134376+02:00 smtpsrv postfix/postscreen[381257]: 
PREGREET 13 after 0.02 from [93.123.109.186]:53847: EHLO tPb7ss\r\n
2025-10-06T09:09:29.134552+02:00 smtpsrv postfix/postscreen[381257]: 
DISCONNECT [93.123.109.186]:53847
2025-10-06T09:09:36.125046+02:00 smtpsrv postfix/postscreen[381257]: 
CONNECT from [93.123.109.186]:61379 to [192.168.0.113]:25
2025-10-06T09:09:36.126785+02:00 smtpsrv postfix/dnsblog[381263]: addr 
93.123.109.186 listed by domain zen.spamhaus.org as 127.0.0.3
2025-10-06T09:09:36.126997+02:00 smtpsrv postfix/dnsblog[381261]: addr 
93.123.109.186 listed by domain b.barracudacentral.org as 127.0.0.2
2025-10-06T09:09:36.127033+02:00 smtpsrv postfix/dnsblog[381263]: addr 
93.123.109.186 listed by domain zen.spamhaus.org as 127.0.0.2
2025-10-06T09:09:36.127061+02:00 smtpsrv postfix/dnsblog[381263]: addr 
93.123.109.186 listed by domain zen.spamhaus.org as 127.0.0.9
2025-10-06T09:09:36.127087+02:00 smtpsrv postfix/dnsblog[381263]: addr 
93.123.109.186 listed by domain zen.spamhaus.org as 127.0.0.4



IMHO, it seems a bit superfluous, as the connection is already dead when 
the dnsbl results arrive. The pregreet drops the connection very 
quickly, mostly within 20 - 30 ms.



Why not wait for the pregreet to terminate, before querying dnsbl? With 
respect to the short delay for the pregreet test to return, it should be 
completely unnoticeable if the dnsbl tests were run after the pregreet.



I don't consider it a problem, but clutters the log a bit, and increases 
the network traffic somewhat. I'm just curious, as everything works great.


Best regards,

Peter

_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]






















					Reply via email to