On Sun, Mar 13, 2011 at 1:16 PM, Larry Vaden <va...@texoma.net> wrote: > On Sun, Mar 13, 2011 at 12:43 PM, Wietse Venema <wie...@porcupine.org> wrote: >> Ralf Hildebrandt: >>> $ host 197.251.232.190.zen.spamhaus.org >>> 197.251.232.190.zen.spamhaus.org has address 127.0.0.11 >>> 197.251.232.190.zen.spamhaus.org has address 127.0.0.4 >>> >>> 2*2 = 7? >> >> Surely you have enough logs of your own that you can verify >> that this does not happen. > > For your interpretation: > > [root@mx4 ~]# grep -i 151.56.102.63 /var/log/maillog > Mar 13 10:53:45 mx4 postfix/postscreen[2698]: CONNECT from > [151.56.102.63]:19288 > Mar 13 10:53:45 mx4 postfix/postscreen[2698]: HANGUP after 0 from > [151.56.102.63]:19288 in tests before SMTP handshake > Mar 13 10:53:45 mx4 postfix/postscreen[2698]: DISCONNECT [151.56.102.63]:19288 > Mar 13 10:53:45 mx4 postfix/postscreen[2698]: CONNECT from > [151.56.102.63]:19289 > Mar 13 10:53:45 mx4 postfix/dnsblog[7617]: addr 151.56.102.63 listed > by domain b.barracudacentral.org as 127.0.0.2 > Mar 13 10:53:45 mx4 postfix/dnsblog[7584]: addr 151.56.102.63 listed > by domain b.barracudacentral.org as 127.0.0.2 > Mar 13 10:53:45 mx4 postfix/dnsblog[7576]: addr 151.56.102.63 listed > by domain zen.spamhaus.org as 127.0.0.10 > Mar 13 10:53:45 mx4 postfix/dnsblog[7615]: addr 151.56.102.63 listed > by domain zen.spamhaus.org as 127.0.0.10 > Mar 13 10:53:51 mx4 postfix/postscreen[2698]: DNSBL rank 6 for > [151.56.102.63]:19289 > Mar 13 10:53:52 mx4 postfix/postscreen[2698]: NOQUEUE: reject: RCPT > from [151.56.102.63]:19289: 550 5.7.1 Service unavailable; client > [151.56.102.63] blocked using b.barracudacentral.org; > from=<kayl...@nerdly.net>, to=<garyst...@texoma.net>, proto=SMTP, > helo=<texoma.net> > Mar 13 10:53:52 mx4 postfix/postscreen[2698]: DISCONNECT [151.56.102.63]:19289 > [root@mx4 ~]# > > So, it looks like the DNSBL that gets the credit is _perhaps_ the > first to respond, I dunno for sure.
Weitse, Please let me try to advance the request to make certain other tests available as an option in postscreen; namely, note the helo above; unless I have watched too much Dennis Miller and am wrong about this, we could have rejected said based on the helo, in other cases, based on the absence of rDNS, thus taking load off the DNSBLs. kind regards/ldv -- Larry Vaden, CoFounder Internet Texoma, Inc. Serving Rural Texomaland Since 1995 We Care About Your Connection!
