Question about Postfix, SA and rbl checks
wrobel at pardus.de
Mon Jun 23 13:53:01 CEST 2008
Jens Kleikamp <jens at codes-concepts.com> writes:
> Hi Guys,
> I got a false positive which is tagged by SA and the
> following rules hit the mail:
> "RCVD_IN_BL_SPAMCOP_NET=4.1, RCVD_IN_PSBL=3"
> Besides SA I also setup postfix to do some rbl checks as well.
> I set "reject_rbl_client bl.spamcop.net," to the
> smtpd_recipient_restrictions directive.
> Now I try to understand why the mail passed the mta checks, but was hit
> by SA (RCVD_IN_BL_SPAMCOP_NET).
> I tried to analyse the source code of the email which is also availeable
> at http://nopaste.biz/44497
> I identify 3 third-party systems in the received headers:
> Sender (DSL Conncection) --> ISP Mailsever (clean) --> mozdev
> mailinglist server (also clean)
> The sender delivered the mail over an authenticated smtp connection to
> his isp mailserver which then sends the mail to the mozdev
> mailinglist-server which then sends the mail to my mailserver.
> My guess is that postfix did a rbl check of the IP from the mozdev
> system which is clean, so mail passed. ( I think this is okay )
> But then SA did not use the mozdev IP but the original sender
> dynamic-dsl IP address for the rbl check. I think that is not
> okay since the dynamic IP of the sender doesn?t have any important
> meaning because the sender used an authenticated smtp session, So it
> should not be used by SA to do rbl checks.
I think Thomas answered this on IRC but to make this more persistend I
just post his response here, too.
08:33 <ThomasAH> Jense: reject_rbl_client only looks at the IP connecting to
your server, SA looks at more Received: headers
> Thank you in advance
> best regards
> Kolab-users mailing list
> Kolab-users at kolab.org
______ http://kdab.com _______________ http://kolab-konsortium.com _
p at rdus Kolab work is funded in part by KDAB and the Kolab Konsortium
____ http://www.pardus.de _________________ http://gunnarwrobel.de _
E-mail : p at rdus.de Dr. Gunnar Wrobel
Tel. : +49 700 6245 0000 Bundesstrasse 29
Fax : +49 721 1513 52322 D-20146 Hamburg
>> Mail at ease - Rent a kolab groupware server at p at rdus <<
More information about the users