Confirm Spamhaus Checks?

Matthew Carpenter matt
Mon Feb 21 14:00:53 PST 2005 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Postfix is in the middle of a transition, when two different RBL config
lines can be used.  One is legacy, one is the future of Postfix.  I
forget which is which, but it seemed backwards to me which was going to
be the one going forward.  I believe it was the "maps_rbl_domains" which
is deprecated.  Here is the one I use the most:

smtpd_client_restrictions = reject_rbl_client dnsbl.njabl.org,
reject_rbl_client bl.spamcop.net, reject_rbl_client relays.ordb.org


Kurt Wall wrote:
| On Saturday 19 February 2005 11:09, A. Khattri enlightened us thusly:
|
|>On Sat, 19 Feb 2005, Kurt Wall wrote:
|>
|>>I recently started using the Spamhaus black hole lists with my
|>>Postfix configuration in an attempt to block spam before it gets
|>>into my system. How do I verify that Postfix is actually doing the
|>>lookup to Spamhaus?
|>
|>Im using the SBL and XBL with qmail. Look at your logs. My log
|>entries for qmail-smtpd look like this:
|>
|>17:28:21.303453500 rblsmtpd: 222.64.60.134 pid 32206: 451
|>http://www.spamhaus.org/SBL/sbl.lasso?query=SBL19306
|>
|>This shows a connection from 222.64.60.134 generating a 451 response
|>- so the IP is listed in the SBL and the URL gives you more info on
|>this spammer.
|
|
| That did it. As it turns out, I was missing a config parameter. First, I
| used reject_maps_rbl. After looking at the log file, I realized it
| needed to be reject_maps_rbl sbl-xbl.spamhaus.org. Another look at the
| log file told me I needed to reject_rbl_client sbl-xbl.spamhaus.org
| because reject_maps_rbl is going away.
|
| Now I see that my SBL/XBL lookups are working.
|
| For the record, the entries in main.cf that got this working are:
|
| smtpd_recipient_restrictions = permit_mynetworks,
|         reject_rbl_client sbl-xbl.spamhaus.org,
|         reject_unauth_destination,
|         check_sender_access hash:/etc/postfix/access,
|         reject_rhsbl_client sbl-xbl.spamhaus.org,
|         permit
|
| Oddly, it didn't work until I added
|
|  reject _rbl_client  sbl-xbl.spamhaus.org
|
| to the smtpd_recipient_restrictions. Go figger.
|
| Thanks the tip, Khattri.
|
| Kurt
| _______________________________________________
| Linux-users mailing list
| Linux-users at linux-sxs.org
| http://mail.linux-sxs.org/cgi-bin/mailman/listinfo/linux-users
|
| Need to chat further on this subject? Check out #linux-users on
irc.linux-sxs.org !
|
|
|

- --
Matthew Carpenter
matt at eisgr.com                          http://www.eisgr.com/

Enterprise Information Systems
* Network Server Appliances
* Security Consulting, Incident Handling & Forensics
* Network Consulting, Integration & Support
* Web Integration and E-Business
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFCGi7hso9lqh4MragRAvHMAKDLydyDU0onOAov67zoWBC795HstgCgxIhP
BlTswxIZSbLIdN0IdFNpDNk=
=HSiw
-----END PGP SIGNATURE-----

More information about the Linux-users mailing list