RE: dnsbl postscreen - not blocking

Fazzina, Angelo Wed, 19 Dec 2018 06:38:30 -0800

Hi, I don’t know the answer to your question but from this site
http://www.sorbs.net/using.shtml
it looks like the IP 209.85.166.196 seems to have tripped one of these :



new.spam.dnsbl.sorbs.net    127.0.0.6
   recent.spam.dnsbl.sorbs.net    127.0.0.6
      old.spam.dnsbl.sorbs.net    127.0.0.6
          spam.dnsbl.sorbs.net    127.0.0.6
   escalations.dnsbl.sorbs.net    127.0.0.6


Maybe going down that rabbit hole will get you some answers ?
Good Luck.


-ANGELO FAZZINA

ITS Service Manager:
Spam and Virus Prevention
Mass Mailing
G Suite/Gmail

ang...@uconn.edu
University of Connecticut,  ITS, SSG, Server Systems
860-486-9075

From: owner-postfix-us...@postfix.org <owner-postfix-us...@postfix.org> On 
Behalf Of Stefan Bauer
Sent: Wednesday, December 19, 2018 8:01 AM
To: Postfix users <postfix-users@postfix.org>
Subject: dnsbl postscreen - not blocking

Hi,

Dec 19 13:04:36 mx1 postfix/postscreen[4770]: CONNECT from 
[209.85.166.196]:52168 to [public-ip]:25
Dec 19 13:04:42 mx1 postfix/dnsblog[4774]: addr 209.85.166.196 listed by domain 
dnsbl.sorbs.net<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fdnsbl.sorbs.net&data=02%7C01%7Cangelo.fazzina%40uconn.edu%7Ca639d8676c5f4481647608d665b22948%7C17f1a87e2a254eaab9df9d439034b080%7C0%7C0%7C636808213211610993&sdata=OXJLD1BVSxnd2BFr9kjlSgJZzfkLGaPn8SegxS0ETOI%3D&reserved=0>
 as 127.0.0.6
Dec 19 13:04:42 mx1 postfix/postscreen[4770]: PASS NEW [209.85.166.196]:52168
Dec 19 13:04:42 mx1 postfix/smtpd[4778]: connect from 
mail-it1-f196.google.com<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fmail-it1-f196.google.com&data=02%7C01%7Cangelo.fazzina%40uconn.edu%7Ca639d8676c5f4481647608d665b22948%7C17f1a87e2a254eaab9df9d439034b080%7C0%7C0%7C636808213211610993&sdata=2xATeAxGghZd9M%2FFnPBGJy2d63r6XTol4N3TwZFwIm8%3D&reserved=0>[209.85.166.196]

why did google pass postscreen even though its listed in one of the RBL?


postscreen_dnsbl_sites = 
zen.spamhaus.org<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fzen.spamhaus.org&data=02%7C01%7Cangelo.fazzina%40uconn.edu%7Ca639d8676c5f4481647608d665b22948%7C17f1a87e2a254eaab9df9d439034b080%7C0%7C0%7C636808213211621003&sdata=u4aZoylezbM1EbWYKW8aHp2CPPW%2B%2BhJQ9y4su0LAQdE%3D&reserved=0>*2
 
bl.spamcop.net<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fbl.spamcop.net&data=02%7C01%7Cangelo.fazzina%40uconn.edu%7Ca639d8676c5f4481647608d665b22948%7C17f1a87e2a254eaab9df9d439034b080%7C0%7C0%7C636808213211621003&sdata=0gKMeFdbaXwQPleiu6HHA158zSoiHjK1hESoBJH2Jmk%3D&reserved=0>*1
 
b.barracudacentral.org<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fb.barracudacentral.org&data=02%7C01%7Cangelo.fazzina%40uconn.edu%7Ca639d8676c5f4481647608d665b22948%7C17f1a87e2a254eaab9df9d439034b080%7C0%7C0%7C636808213211631008&sdata=NMLItYOAZ29MYE0649jetFzUhNKaofMh5x1UhkS9R0g%3D&reserved=0>*1
 
dnsbl.sorbs.net<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fdnsbl.sorbs.net&data=02%7C01%7Cangelo.fazzina%40uconn.edu%7Ca639d8676c5f4481647608d665b22948%7C17f1a87e2a254eaab9df9d439034b080%7C0%7C0%7C636808213211631008&sdata=1vKU24sbuGAsz3filbqzzSh7FCvCvq2AjGg10IELME0%3D&reserved=0>*1
postscreen_blacklist_action = drop
postscreen_dnsbl_action = enforce

Am i missing something obvious?

Stefan

RE: dnsbl postscreen - not blocking

Reply via email to