Confirm Spamhaus Checks?

[Kurt Wall]

On Saturday 19 February 2005 11:09, A. Khattri enlightened us thusly:
> On Sat, 19 Feb 2005, Kurt Wall wrote:
> > I recently started using the Spamhaus black hole lists with my
> > Postfix configuration in an attempt to block spam before it gets
> > into my system. How do I verify that Postfix is actually doing the
> > lookup to Spamhaus?
>
> Im using the SBL and XBL with qmail. Look at your logs. My log
> entries for qmail-smtpd look like this:
>
> 17:28:21.303453500 rblsmtpd: 222.64.60.134 pid 32206: 451
> http://www.spamhaus.org/SBL/sbl.lasso?query=SBL19306
>
> This shows a connection from 222.64.60.134 generating a 451 response
> - so the IP is listed in the SBL and the URL gives you more info on
> this spammer.

That did it. As it turns out, I was missing a config parameter. First, I 
used reject_maps_rbl. After looking at the log file, I realized it 
needed to be reject_maps_rbl sbl-xbl.spamhaus.org. Another look at the 
log file told me I needed to reject_rbl_client sbl-xbl.spamhaus.org 
because reject_maps_rbl is going away.

Now I see that my SBL/XBL lookups are working. 

For the record, the entries in main.cf that got this working are:

smtpd_recipient_restrictions = permit_mynetworks,
        reject_rbl_client sbl-xbl.spamhaus.org,
        reject_unauth_destination,
        check_sender_access hash:/etc/postfix/access,
        reject_rhsbl_client sbl-xbl.spamhaus.org,
        permit

Oddly, it didn't work until I added 

 reject _rbl_client  sbl-xbl.spamhaus.org

to the smtpd_recipient_restrictions. Go figger.

Thanks the tip, Khattri.

Kurt