Stefan Bauer:
> Hi,
>
> Dec 19 13:04:36 mx1 postfix/postscreen[4770]: CONNECT from
> [209.85.166.196]:52168 to [public-ip]:25
> Dec 19 13:04:42 mx1 postfix/dnsblog[4774]: addr 209.85.166.196 listed by
> domain dnsbl.sorbs.net as 127.0.0.6
It took 6s for dnsblog to figure out that the client is listed.
Unfortunately the result came too late to have an effect on postscreen,
because postscreen will normally wait only 6s for DNS replies, so
it had already decided to let the client pass (under overload it will
wait only 2s).
I suppose it is OK that postscreen will not wait forever for DNS results...
Wietse
> Dec 19 13:04:42 mx1 postfix/postscreen[4770]: PASS NEW
> [209.85.166.196]:52168
> Dec 19 13:04:42 mx1 postfix/smtpd[4778]: connect from
> mail-it1-f196.google.com[209.85.166.196]
>
> why did google pass postscreen even though its listed in one of the RBL?
>
>
> postscreen_dnsbl_sites = zen.spamhaus.org*2 bl.spamcop.net*1
> b.barracudacentral.org*1 dnsbl.sorbs.net*1
> postscreen_blacklist_action = drop
> postscreen_dnsbl_action = enforce
>
> Am i missing something obvious?
>
> Stefan
