DNS lookups not working?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 All, I see this a lot in my mail.log (unknown): Feb 10 20:38:28 server postfix/smtpd[21977]: connect from unknown[72.4.168.106] Feb 10 09:38:30 server postfix/smtpd[21977]: NOQUEUE: reject: RCPT from unknown[72.4.168.106]: 554 5.7.1 Service unavailable; Client host [72.4.168.106] blocked using zen.spamhaus.org; http://www.spamhaus.org/query/bl?ip=72.4.168.106; from= to= proto=ESMTP helo= Feb 10 09:38:30 server postfix/smtpd[21977]: disconnect from unknown[72.4.168.106] Feb 10 09:38:40 server postfix/smtpd[21977]: connect from unknown[80.65.83.20] Feb 10 09:38:42 server postfix/smtpd[21977]: NOQUEUE: reject: RCPT from unknown[80.65.83.20]: 554 5.7.1 Service unavailable; Client host [80.65.83.20] blocked using bl.spamcop.net; Blocked - see http://www.spamcop.net/bl.shtml?80.65.83.20; from= to= proto=ESMTP helo= Feb 10 09:38:42 server postfix/smtpd[21977]: lost connection after DATA (0 bytes) from unknown[80.65.83.20] Feb 10 09:38:42 server postfix/smtpd[21977]: disconnect from unknown[80.65.83.20] Feb 10 09:38:45 server postfix/smtpd[21977]: connect from unknown[80.65.83.20] Feb 10 09:38:46 server postfix/smtpd[21977]: NOQUEUE: reject: RCPT from unknown[80.65.83.20]: 554 5.7.1 Service unavailable; Client host [80.65.83.20] blocked using bl.spamcop.net; Blocked - see http://www.spamcop.net/bl.shtml?80.65.83.20; from= to= proto=ESMTP helo= Feb 10 09:38:47 server postfix/smtpd[21977]: lost connection after DATA (0 bytes) from unknown[80.65.83.20] Feb 10 09:38:47 server postfix/smtpd[21977]: disconnect from unknown[80.65.83.20] I tried selinux off no difference (I do make my own local policy fromn audits anyway). postconf -n: alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases, hash:/var/spool/postfix/plesk/aliases command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 header_checks = regexp:/etc/postfix/header_checks html_directory = no inet_interfaces = all inet_protocols = all local_recipient_maps = $virtual_mailbox_maps mail_owner = postfix mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man message_size_limit = 1024 mydestination = localhost.$mydomain, localhost, localhost.localdomain newaliases_path = /usr/bin/newaliases.postfix queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.5.6/README_FILES sample_directory = /usr/share/doc/postfix-2.5.6/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtp_send_xforward_command = yes smtp_tls_security_level = may smtp_use_tls = no smtpd_authorized_xforward_hosts = 127.0.0.0/8 smtpd_client_restrictions = check_client_access hash:/etc/postfix/whitelist, check_sender_access hash:/etc/postfix/check_backscatterer, check_sender_access hash:/etc/postfix/check_spamcannibal, reject_rbl_client bl.spamcop.net, reject_rbl_client zen.spamhaus.org, reject_rbl_client b.barracudacentral.org smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sender_restrictions = check_sender_access hash:/var/spool/postfix/plesk/blacklists, reject_non_fqdn_sender smtpd_tls_cert_file = /etc/postfix/postfix_default.pem smtpd_tls_key_file = $smtpd_tls_cert_file smtpd_tls_security_level = may smtpd_use_tls = yes transport_maps = hash:/var/spool/postfix/plesk/transport unknown_local_recipient_reject_code = 550 virtual_alias_maps = $virtual_maps, hash:/var/spool/postfix/plesk/virtual virtual_gid_maps = static:31 virtual_mailbox_base = /var/qmail/mailnames virtual_mailbox_domains = $virtual_mailbox_maps, hash:/var/spool/postfix/plesk/virtual_domains virtual_mailbox_maps = hash:/var/spool/postfix/plesk/vmailbox virtual_transport = plesk_virtual virtual_uid_maps = static:110 Here is a test showing my DNS works: nslookup test.com > nslookup Here is the file: Server:10.0.10.1 Address:10.0.10.1#53 Non-authoritative answer: Name:test.com Address: 205.178.152.103 At first I found my resolv.conf had no nameservers in it (but the server itself runs a DNS and nslookups were working anyway), I added them but no difference.. Thanks! David -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkmRTQwACgkQi1lOcz5YUMhXrQCePq58V8/j/j6axiQsa0CPUozi PcEAn3NsQ5I3rTh6TJKvms1RILZNH4iP =3FNf -END PGP SIGNATURE- begin:vcard fn:David Cottle n:Cottle;David email;internet:webmas...@aus-city.com title:Webmaster version:2.1 end:vcard
Re: DNS lookups not working?
On 2/10/2009, David Cottle (webmas...@aus-city.com) wrote: > Feb 10 09:38:30 server postfix/smtpd[21977]: NOQUEUE: reject: RCPT > from unknown[72.4.168.106]: 554 5.7.1 Service unavailable; Are you usin the free zen service? If so, are you exceeding the limits they place on free usage? -- Best regards, Charles
Re: DNS lookups not working?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Charles Marcus wrote: > On 2/10/2009, David Cottle (webmas...@aus-city.com) wrote: >> Feb 10 09:38:30 server postfix/smtpd[21977]: NOQUEUE: reject: >> RCPT from unknown[72.4.168.106]: 554 5.7.1 Service unavailable; > > Are you usin the free zen service? If so, are you exceeding the > limits they place on free usage? > Hi Charles, Yes I am but I am not exceeding the usage. Here are some from other servers: Feb 10 11:38:40 server postfix/smtpd[32014]: connect from unknown[61.90.76.4] Feb 10 11:38:41 server postfix/smtpd[32014]: NOQUEUE: reject: RCPT from unknown[61.90.76.4]: 554 5.7.1 Service unavailable; Client host [61.90.76.4] blocked using zen.spamhaus.org; http://www.spamhaus.org/query/bl?ip=61.90.76.4; from= to= proto=ESMTP helo= Feb 10 22:38:42 server spamd[3422]: spamd: got connection over /tmp/spamd_full.sock Feb 10 11:38:42 server postfix/smtpd[32014]: lost connection after DATA (0 bytes) from unknown[61.90.76.4] Feb 10 11:38:42 server postfix/smtpd[32014]: disconnect from unknown[61.90.76.4] Feb 10 22:38:42 server spamd[28616]: prefork: child states: II Feb 10 11:38:47 server postfix/smtpd[32013]: connect from unknown[86.55.226.169] Feb 10 22:38:49 server imapd: Connection, ip=[127.0.0.1] Feb 10 22:38:49 server imapd: IMAP connect from @ [127.0.0.1]INFO: LOGIN, user=webmas...@aus-city.com, ip=[127.0.0.1], protocol=IMAP Feb 10 11:38:49 server postfix/smtpd[32013]: NOQUEUE: reject: RCPT from unknown[86.55.226.169]: 554 5.7.1 Service unavailable; Client host [86.55.226.169] blocked using bl.spamcop.net; Blocked - see http://www.spamcop.net/bl.shtml?86.55.226.169; from= to= proto=ESMTP helo= Feb 10 11:30:14 server postfix/smtpd[31747]: NOQUEUE: reject: RCPT from unknown[94.181.24.220]: 554 5.7.1 Service unavailable; Client host [94.181.24.220] blocked using zen.spamhaus.org; http://www.spamhaus.org/query/bl?ip=94.181.24.220; from= to= proto=ESMTP helo= Feb 10 11:30:14 server postfix/smtpd[31747]: NOQUEUE: reject: RCPT from unknown[94.181.24.220]: 554 5.7.1 Service unavailable; Client host [94.181.24.220] blocked using zen.spamhaus.org; http://www.spamhaus.org/query/bl?ip=94.181.24.220; from= to= proto=ESMTP helo= Feb 10 11:30:15 server postfix/smtpd[31747]: lost connection after DATA (0 bytes) from unknown[94.181.24.220] Feb 10 11:30:15 server postfix/smtpd[31747]: disconnect from unknown[94.181.24.220] Feb 10 11:30:18 server postfix/smtpd[31747]: connect from unknown[88.239.131.191] Feb 10 11:30:21 server postfix/smtpd[31747]: NOQUEUE: reject: RCPT from unknown[88.239.131.191]: 554 5.7.1 Service unavailable; Client host [88.239.131.191] blocked using bl.spamcop.net; Blocked - see http://www.spamcop.net/bl.shtml?88.239.131.191; from= to= proto=SMTP helo= Feb 10 11:30:22 server postfix/smtpd[31747]: disconnect from unknown[88.239.131.191] Feb 10 22:30:28 server imapd: Connection, ip=[127.0.0.1] Thanks! -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEUEARECAAYFAkmRaHcACgkQi1lOcz5YUMgZRACXU33RVYGSn0JUiIvz8xRxckKq QgCZAUbaiOL8gA9dWP0Ko8QaVBFc7PU= =5s1C -END PGP SIGNATURE- begin:vcard fn:David Cottle n:Cottle;David email;internet:webmas...@aus-city.com title:Webmaster version:2.1 end:vcard
Re: DNS lookups not working?
David Cottle: [ Charset ISO-8859-1 unsupported, converting... ] > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > All, > > I see this a lot in my mail.log (unknown): > > Feb 10 20:38:28 server postfix/smtpd[21977]: connect from > unknown[72.4.168.106] > Feb 10 09:38:30 server postfix/smtpd[21977]: NOQUEUE: reject: RCPT > from unknown[72.4.168.106]: 554 5.7.1 Service unavailable; Client host Try: http://www.postfix.org/DEBUG_README.html#no_chroot. If it works, send a complaint to your vendor. I, the Postfix author, do not recommend that chroot is turned on except by experts. Wietse Try turning off chroot operation in master.cf = A common mistake is to turn on chroot operation in the master.cf file without going through all the necessary steps to set up a chroot environment. This causes Postfix daemon processes to fail due to all kinds of missing files. The example below shows an SMTP server that is configured with chroot turned off: /etc/postfix/master.cf: # = # service type private unpriv chroot wakeup maxproc command # (yes) (yes) (yes) (never) (100) # = smtp inet n - n - - smtpd Inspect master.cf for any processes that have chroot operation not turned off. If you find any, save a copy of the master.cf file, and edit the entries in question. After executing the command "postfix reload", see if the problem has gone away. If turning off chrooted operation made the problem go away, then congratulations. Leaving Postfix running in this way is adequate for most sites. If you prefer chrooted operation, see the Postfix BASIC_CONFIGURATION_README file for information about how to prepare Postfix for chrooted operation.
Re: DNS lookups not working?
On Tue, Feb 10, 2009 at 7:44 PM, Wietse Venema wrote: > David Cottle: > [ Charset ISO-8859-1 unsupported, converting... ] >> -BEGIN PGP SIGNED MESSAGE- >> Hash: SHA1 >> >> All, >> >> I see this a lot in my mail.log (unknown): >> >> Feb 10 20:38:28 server postfix/smtpd[21977]: connect from >> unknown[72.4.168.106] >> Feb 10 09:38:30 server postfix/smtpd[21977]: NOQUEUE: reject: RCPT >> from unknown[72.4.168.106]: 554 5.7.1 Service unavailable; Client host > > Try: http://www.postfix.org/DEBUG_README.html#no_chroot. If it > works, send a complaint to your vendor. I, the Postfix author, do > not recommend that chroot is turned on except by experts. > >Wietse > > Try turning off chroot operation in master.cf > = > > A common mistake is to turn on chroot operation in the master.cf > file without going through all the necessary steps to set up a > chroot environment. This causes Postfix daemon processes to fail > due to all kinds of missing files. > > The example below shows an SMTP server that is configured with > chroot turned off: > >/etc/postfix/master.cf: ># = ># service type private unpriv chroot wakeup maxproc command ># (yes) (yes) (yes) (never) (100) ># = >smtp inet n - n - - smtpd > > Inspect master.cf for any processes that have chroot operation not > turned off. If you find any, save a copy of the master.cf file, > and edit the entries in question. After executing the command > "postfix reload", see if the problem has gone away. > > If turning off chrooted operation made the problem go away, then > congratulations. Leaving Postfix running in this way is adequate > for most sites. If you prefer chrooted operation, see the Postfix > BASIC_CONFIGURATION_README file for information about how to prepare > Postfix for chrooted operation. > I have this same problem that I was not able to solve for almost a week now. I posted too on various mailing lists including this (mail from gmail and yahoo are blocked), some suggested to install a caching nameserver but obviously in your case it doesn't work too. Replaced OpenDNS with other DNS server to no avail, still the same result. If rbl is enabled all incoming emails were blocked so I have no recourse but to turn it off, caveat is I've got lots of SPAM. Also I don't have Postfix in chroot environment. Here's my log: Feb 10 21:34:46 kartero postfix/smtpd[14176]: NOQUEUE: reject: RCPT from wf-out-1314.google.com[209.85.200.172]: 554 5.7.1 Service unavailable; Client host [209.85.200.172] blocked using bl.spamcop.net; from= to= proto=ESMTP helo=
Re: DNS lookups not working?
On Tue, 10 Feb 2009 21:50:26 +0800 jan gestre wrote: [snip] > I have this same problem that I was not able to solve for almost a > week now. I posted too on various mailing lists including this (mail > from gmail and yahoo are blocked), some suggested to install a caching > nameserver but obviously in your case it doesn't work too. Replaced > OpenDNS with other DNS server to no avail, still the same result. If > rbl is enabled all incoming emails were blocked so I have no recourse > but to turn it off, caveat is I've got lots of SPAM. Also I don't have > Postfix in chroot environment. > > Here's my log: > > Feb 10 21:34:46 kartero postfix/smtpd[14176]: NOQUEUE: reject: RCPT > from wf-out-1314.google.com[209.85.200.172]: 554 5.7.1 Service > unavailable; Client host [209.85.200.172] blocked using > bl.spamcop.net; from= > to= proto=ESMTP helo= It's working exactly as you configured it. If you want that mail, remove bl.spamcop.net from your checks...
Re: DNS lookups not working?
jan gestre: > On Tue, Feb 10, 2009 at 7:44 PM, Wietse Venema wrote: > > David Cottle: > > [ Charset ISO-8859-1 unsupported, converting... ] > >> -BEGIN PGP SIGNED MESSAGE- > >> Hash: SHA1 > >> > >> All, > >> > >> I see this a lot in my mail.log (unknown): > >> > >> Feb 10 20:38:28 server postfix/smtpd[21977]: connect from > >> unknown[72.4.168.106] > >> Feb 10 09:38:30 server postfix/smtpd[21977]: NOQUEUE: reject: RCPT > >> from unknown[72.4.168.106]: 554 5.7.1 Service unavailable; Client host > > > > Try: http://www.postfix.org/DEBUG_README.html#no_chroot. If it > > works, send a complaint to your vendor. I, the Postfix author, do > > not recommend that chroot is turned on except by experts. > > > >Wietse > > > > Try turning off chroot operation in master.cf > > = > > > > A common mistake is to turn on chroot operation in the master.cf > > file without going through all the necessary steps to set up a > > chroot environment. This causes Postfix daemon processes to fail > > due to all kinds of missing files. > > > > The example below shows an SMTP server that is configured with > > chroot turned off: > > > >/etc/postfix/master.cf: > ># = > ># service type private unpriv chroot wakeup maxproc command > ># (yes) (yes) (yes) (never) (100) > ># = > >smtp inet n - n - - smtpd > > > > Inspect master.cf for any processes that have chroot operation not > > turned off. If you find any, save a copy of the master.cf file, > > and edit the entries in question. After executing the command > > "postfix reload", see if the problem has gone away. > > > > If turning off chrooted operation made the problem go away, then > > congratulations. Leaving Postfix running in this way is adequate > > for most sites. If you prefer chrooted operation, see the Postfix > > BASIC_CONFIGURATION_README file for information about how to prepare > > Postfix for chrooted operation. > > > > I have this same problem that I was not able to solve for almost a > week now. I posted too on various mailing lists including this (mail > from gmail and yahoo are blocked), some suggested to install a caching > nameserver but obviously in your case it doesn't work too. Replaced > OpenDNS with other DNS server to no avail, still the same result. If > rbl is enabled all incoming emails were blocked so I have no recourse > but to turn it off, caveat is I've got lots of SPAM. Also I don't have > Postfix in chroot environment. > > Here's my log: > > Feb 10 21:34:46 kartero postfix/smtpd[14176]: NOQUEUE: reject: RCPT > from wf-out-1314.google.com[209.85.200.172]: 554 5.7.1 Service > unavailable; Client host [209.85.200.172] blocked using > bl.spamcop.net; from= > to= proto=ESMTP helo= This thread is about CLIENT names logged as UNKNOWN, You are having a problem with a DNS server that produces bogus replies for non-existent hostnames. You can twiddle with Postfix configurations until the cows come home. It will not make an iota of difference. Wietse
Re: DNS lookups not working?
On Tue, Feb 10, 2009 at 09:50:26PM +0800, jan gestre wrote: > On Tue, Feb 10, 2009 at 7:44 PM, Wietse Venema wrote: > > David Cottle: > > [ Charset ISO-8859-1 unsupported, converting... ] > >> -BEGIN PGP SIGNED MESSAGE- > >> Hash: SHA1 > >> > >> All, > >> > >> I see this a lot in my mail.log (unknown): > >> > >> Feb 10 20:38:28 server postfix/smtpd[21977]: connect from > >> unknown[72.4.168.106] > >> Feb 10 09:38:30 server postfix/smtpd[21977]: NOQUEUE: reject: RCPT > >> from unknown[72.4.168.106]: 554 5.7.1 Service unavailable; Client host > > > > Try: http://www.postfix.org/DEBUG_README.html#no_chroot. If it > > works, send a complaint to your vendor. I, the Postfix author, do > > not recommend that chroot is turned on except by experts. > > > >Wietse > > > > Try turning off chroot operation in master.cf > > = > > > > A common mistake is to turn on chroot operation in the master.cf > > file without going through all the necessary steps to set up a > > chroot environment. This causes Postfix daemon processes to fail > > due to all kinds of missing files. > > > > The example below shows an SMTP server that is configured with > > chroot turned off: > > > >/etc/postfix/master.cf: > ># = > ># service type private unpriv chroot wakeup maxproc command > ># (yes) (yes) (yes) (never) (100) > ># = > >smtp inet n - n - - smtpd > > > > Inspect master.cf for any processes that have chroot operation not > > turned off. If you find any, save a copy of the master.cf file, > > and edit the entries in question. After executing the command > > "postfix reload", see if the problem has gone away. > > > > If turning off chrooted operation made the problem go away, then > > congratulations. Leaving Postfix running in this way is adequate > > for most sites. If you prefer chrooted operation, see the Postfix > > BASIC_CONFIGURATION_README file for information about how to prepare > > Postfix for chrooted operation. > > > > I have this same problem that I was not able to solve for almost a > week now. I posted too on various mailing lists including this (mail > from gmail and yahoo are blocked), some suggested to install a caching > nameserver but obviously in your case it doesn't work too. Replaced > OpenDNS with other DNS server to no avail, still the same result. If > rbl is enabled all incoming emails were blocked so I have no recourse > but to turn it off, caveat is I've got lots of SPAM. Also I don't have > Postfix in chroot environment. > > Here's my log: > > Feb 10 21:34:46 kartero postfix/smtpd[14176]: NOQUEUE: reject: RCPT > from wf-out-1314.google.com[209.85.200.172]: 554 5.7.1 Service > unavailable; Client host [209.85.200.172] blocked using > bl.spamcop.net; from= > to= proto=ESMTP helo= > You may want to use something like policyd-weight to moderate the effects of a single RBL. It can be configured to require several RBL's or message characteristics to be valid before the message is rejected. It also allows you to adjust the reject threshold to minimize false-positive responses. Cheers, Ken
Re: DNS lookups not working?
On Tue, Feb 10, 2009 at 9:58 PM, Wietse Venema wrote: > jan gestre: >> On Tue, Feb 10, 2009 at 7:44 PM, Wietse Venema wrote: >> > David Cottle: >> > [ Charset ISO-8859-1 unsupported, converting... ] >> >> -BEGIN PGP SIGNED MESSAGE- >> >> Hash: SHA1 >> >> >> >> All, >> >> >> >> I see this a lot in my mail.log (unknown): >> >> >> >> Feb 10 20:38:28 server postfix/smtpd[21977]: connect from >> >> unknown[72.4.168.106] >> >> Feb 10 09:38:30 server postfix/smtpd[21977]: NOQUEUE: reject: RCPT >> >> from unknown[72.4.168.106]: 554 5.7.1 Service unavailable; Client host >> > >> > Try: http://www.postfix.org/DEBUG_README.html#no_chroot. If it >> > works, send a complaint to your vendor. I, the Postfix author, do >> > not recommend that chroot is turned on except by experts. >> > >> >Wietse >> > >> > Try turning off chroot operation in master.cf >> > = >> > >> > A common mistake is to turn on chroot operation in the master.cf >> > file without going through all the necessary steps to set up a >> > chroot environment. This causes Postfix daemon processes to fail >> > due to all kinds of missing files. >> > >> > The example below shows an SMTP server that is configured with >> > chroot turned off: >> > >> >/etc/postfix/master.cf: >> ># = >> ># service type private unpriv chroot wakeup maxproc command >> ># (yes) (yes) (yes) (never) (100) >> ># = >> >smtp inet n - n - - smtpd >> > >> > Inspect master.cf for any processes that have chroot operation not >> > turned off. If you find any, save a copy of the master.cf file, >> > and edit the entries in question. After executing the command >> > "postfix reload", see if the problem has gone away. >> > >> > If turning off chrooted operation made the problem go away, then >> > congratulations. Leaving Postfix running in this way is adequate >> > for most sites. If you prefer chrooted operation, see the Postfix >> > BASIC_CONFIGURATION_README file for information about how to prepare >> > Postfix for chrooted operation. >> > >> >> I have this same problem that I was not able to solve for almost a >> week now. I posted too on various mailing lists including this (mail >> from gmail and yahoo are blocked), some suggested to install a caching >> nameserver but obviously in your case it doesn't work too. Replaced >> OpenDNS with other DNS server to no avail, still the same result. If >> rbl is enabled all incoming emails were blocked so I have no recourse >> but to turn it off, caveat is I've got lots of SPAM. Also I don't have >> Postfix in chroot environment. >> >> Here's my log: >> >> Feb 10 21:34:46 kartero postfix/smtpd[14176]: NOQUEUE: reject: RCPT >> from wf-out-1314.google.com[209.85.200.172]: 554 5.7.1 Service >> unavailable; Client host [209.85.200.172] blocked using >> bl.spamcop.net; from= >> to= proto=ESMTP helo= > > This thread is about CLIENT names logged as UNKNOWN, > > You are having a problem with a DNS server that produces bogus replies > for non-existent hostnames. You can twiddle with Postfix configurations > until the cows come home. It will not make an iota of difference. > >Wietse > I apologize for that, I thought it's the same.
hijacked NXDOMAIN (Re: DNS lookups not working?)
jan gestre a écrit : > [snip] >>> I have this same problem that I was not able to solve for almost a >>> week now. I posted too on various mailing lists including this (mail >>> from gmail and yahoo are blocked), some suggested to install a caching >>> nameserver but obviously in your case it doesn't work too. Replaced >>> OpenDNS with other DNS server to no avail, still the same result. you can easily check your DNS service with host 1.0.0.127.google.com if this returns a result, then your DNS provider is lying to you and there is nothing we can do for you. if installing BIND on your postfix machine, without using any forwarder, doesn't fix the problem, then your ISP is redirecting your DNS traffic, and the only thing you can do is complain to your ISP or switch. if all you do is forward to another lying provider, that won't fix your problem. a workaround is reject_rbl_client bl.spamcop.net=127.0.0.2 you can do this for other DNSBLs, but you'll need to include every possible return code. but this is just a workaround. BTW, everybody is encouraged to use dnswl.org before DNSBL calls. see www.dnswl.org for details. >>> [snip] >>> >>> Feb 10 21:34:46 kartero postfix/smtpd[14176]: NOQUEUE: reject: RCPT >>> from wf-out-1314.google.com[209.85.200.172]: 554 5.7.1 Service >>> unavailable; Client host [209.85.200.172] blocked using >>> bl.spamcop.net; from= >>> to= proto=ESMTP helo=