On 2020-01-16 09:47, Dominic Raferd wrote:
I recently started using an RBL service where we have a 'private key'
and this operates very simply by prefixing the key to the RBL address.
But I just realised that this appears to mean that for any rejections
the whole address - including the key - is passed back to the
offending client. Which if true makes a bit of a nonsense of the idea
of a 'private' key.
rbl_reply_maps and default_rbl_reply_maps is probably what you are
looking for
http://www.postfix.org/postconf.5.html#rbl_reply_maps
http://www.postfix.org/postconf.5.html#default_rbl_reply
and for postscreen there is
http://www.postfix.org/postconf.5.html#postscreen_dnsbl_reply_map
Is there a way to cut out this private key in the response message? It
happens both with postscreen and smtpd. Here is a barely-obfuscated
example:
550 5.7.1 Service unavailable; client [51.88.120.222] blocked using
sp8lefi4grtb7jftpslxxztu3y.zen.dx.spamhous.net [1]
Links:
------
[1] http://sp8lefi4grtb7jftpslxxztu3y.zen.dx.spamhous.net
--
Christian Kivalo
