Hello, I'm starting to see blocks on my messages to my mail server. For some reason postscreen is not letting any gmail servers send mail, it's blocking them.
Has anyone got an idea or have you seen this? Here's my postscreen setup: # postscreen(8) settings ### Before-220 tests postscreen_greet_action = enforce postscreen_blacklist_action = enforce postscreen_dnsbl_action = enforce postscreen_access_list = permit_mynetworks cidr:/usr/local/etc/postfix/postscreen_access.cidr postscreen_dnsbl_reply_map = pcre:/usr/local/etc/postfix/postscreen_dnsbl_reply_map.pcre postscreen_dnsbl_sites = zen.spamhaus.org*3 b.barracudacentral.org*2 bl.spameatingmonkey.net*2 dnsbl.ahbl.org*2 bl.spamcop.net dnsbl.sorbs.net psbl.surriel.com bl.mailspike.net swl.spamhaus.org*-4 list.dnswl.org=127.[0..255].[0..255].0*-2 list.dnswl.org=127.[0..255].[0..255].1*-3 list.dnswl.org=127.[0..255].[0..255].[2..255]*-4 postscreen_dnsbl_threshold = 2 postscreen_dnsbl_whitelist_threshold = -2 ### End of before-220 tests ### After-220 tests ### WARNING -- See "Tests after the 220 SMTP server greeting" in the ### Postscreen Howto and *UNDERSTAND* it *BEFORE* you enable the ### following tests! #postscreen_bare_newline_action = drop #postscreen_bare_newline_enable = yes #postscreen_non_smtp_command_action = drop #postscreen_non_smtp_command_enable = yes #postscreen_pipelining_enable = yes #postscreen_pipelining_action = drop ### ADDENDUM: Any one of the foregoing three *_enable settings may cause ### significant and annoying mail delays. # For sharing a tempoary whitelist of addresses postscreen_cache_map = proxy:btree:${data_directory}/postscreen_cache postscreen_cache_cleanup_interval = 0 # Rules are evaluated in the order as specified. # Blacklist 192.168.* except 192.168.0.1. # /usr/local/etc/postfix/postscreen_access.cidr 2011-02-27 # A simple combined white/blacklist # Only "permit", "reject" and "dunno" work on the RHS # This is a CIDR table, so see cidr_table(5) for LHS syntax # Permit local clients 127.0.0.0/8 permit # 2011-05-17 brute force attack # May 17 05:35:14 cardinal postfix/anvil[3667]: statistics: max # connection count 47 for (smtpd:66.23.228.27) at May 17 05:31:38 66.23.228.27 reject # a lot from here including some DBL hits 108.62.112.160/29 reject # 2011-08-09 eWayDirect whitelisted, but hitting spamtraps # was having PREGREET protocol errors before today 207.45.161.0/24 reject ## # 2011-11-22 brute force mail attacks, smtp and imap 61.175.253.59 reject # 2012-09-23 spammer not in DNSBLs 66.7.197.45 reject # 2012-11-19 hillapex.com spammer 184.173.107.11 reject # Allow gmail server through 74.125.82.43 permit Any assistance appreciated. Thanks. Dave.