Dave Jones
2016-08-04 18:25:01 UTC
I have to be overlooking something here but I have tripple
checked everything and read the documentation multiple
times.
I am trying to use https://github.com/stevejenkins/postwhite
to bypass postscreen checks, primarily dnsbl checks. It
appears that postscreen is not bypassing dnsbl checks:
main.cf
=======
postscreen_access_list =
permit_mynetworks,
cidr:/etc/postfix/postscreen_spf_whitelist.cidr
/etc/postfix/postscreen_spf_whitelist.cidr
===============================
...
69.252.207.0/25 permit
...
Jul 28 07:41:30 mail3 postfix/postscreen[9105]: NOQUEUE: reject
RCPT from [69.252.207.29]:34789: 550 5.7.1 Service unavailable;
client [69.252.207.29] blocked using ubl.unsubscore.com;
from=<***@atomicgraphics.biz>, to=<***@example.com>,
proto=ESMTP, helo=<comomta-ch2-03v.sys.comcast.net>
I am seeing postfix/postscreen WHITELISTED entries in the
log for $mynetworks but not anything from
postscreen_spf_whitelist.cidr which has over 750 entries. I am
having to add off-network CIDRs to $mynetworks temporarily to
bypass dnsbl checks.
postfix-3.0.5-1.el6.x86_64
Thanks,
Dave
checked everything and read the documentation multiple
times.
I am trying to use https://github.com/stevejenkins/postwhite
to bypass postscreen checks, primarily dnsbl checks. It
appears that postscreen is not bypassing dnsbl checks:
main.cf
=======
postscreen_access_list =
permit_mynetworks,
cidr:/etc/postfix/postscreen_spf_whitelist.cidr
/etc/postfix/postscreen_spf_whitelist.cidr
===============================
...
69.252.207.0/25 permit
...
Jul 28 07:41:30 mail3 postfix/postscreen[9105]: NOQUEUE: reject
RCPT from [69.252.207.29]:34789: 550 5.7.1 Service unavailable;
client [69.252.207.29] blocked using ubl.unsubscore.com;
from=<***@atomicgraphics.biz>, to=<***@example.com>,
proto=ESMTP, helo=<comomta-ch2-03v.sys.comcast.net>
I am seeing postfix/postscreen WHITELISTED entries in the
log for $mynetworks but not anything from
postscreen_spf_whitelist.cidr which has over 750 entries. I am
having to add off-network CIDRs to $mynetworks temporarily to
bypass dnsbl checks.
postfix-3.0.5-1.el6.x86_64
Thanks,
Dave