Solved Issue with Postfix and Spamhaus RBL

circus78

Active Member

Reaction score: 7
Messages: 216

Hi, I am using postfix 3.3.4 with this configuration:

Code:
smtpd_client_restrictions =
           check_client_access hash:/usr/local/etc/postfix/access,
           permit_sasl_authenticated,
           reject_rbl_client zen.spamhaus.org,
           reject_rbl_client dnsbl.sorbs.net,
           reject_rbl_client hostkarma.junkemailfilter.com=127.0.0.2,
           reject_rbl_client b.barracudacentral.org,
           reject_rbl_client bl.spamcop.net,
           reject_rbl_client cbl.abuseat.org,
           reject_rbl_client psbl.surriel.com,
           reject_invalid_hostname,
           reject_non_fqdn_hostname,
           reject_non_fqdn_sender,
           reject_non_fqdn_recipient,
           reject_unknown_sender_domain,
           reject_unknown_recipient_domain,
           reject_unauth_pipelining,
           reject_rhsbl_client hostkarma.junkemailfilter.com=127.0.0.2,
           reject_rhsbl_sender hostkarma.junkemailfilter.com=127.0.0.2,
           reject_rhsbl_sender dsn.rfc-ignorant.org,
           permit_mynetworks
It seems I have some issue with Spamhaus RBL, for example:

Code:
May 16 09:36:59 mail postfix/smtpd[4405]: warning: hostname static-ip-18160107106.cable.net.co does not resolve to address 181.60.107.106: hostname nor servname provided, or not known
May 16 09:36:59 mail postfix/smtpd[4405]: connect from unknown[181.60.107.106]
May 16 09:37:15 mail postfix/smtpd[4405]: warning: 106.107.60.181.zen.spamhaus.org: RBL lookup error: Host or domain name not found. Name service error for name=106.107.60.181.zen.spamhaus.org type=A: Host not found, try again
May 16 09:37:15 mail postfix/smtpd[4405]: NOQUEUE: reject: RCPT from unknown[181.60.107.106]: 554 5.7.1 Service unavailable; Client host [181.60.107.106] blocked using dnsbl.sorbs.net; Currently Sending Spam See: http://www.sorbs.net/lookup.shtml?181.60.107.106; from=<akt.......@su.........com> to=<avid......@domain.org> proto=ESMTP helo=<static-ip-18160107106.cable.net.co>
May 16 09:37:15 mail postfix/smtpd[4405]: lost connection after RCPT from unknown[181.60.107.106]
May 16 09:37:15 mail postfix/smtpd[4405]: disconnect from unknown[181.60.107.106] ehlo=1 mail=1 rcpt=0/1 commands=2/3
Spamhaus is not blocking IP 181.60.107.106, but Sorbs works.
I checked on https://www.spamhaus.org/lookup/ and such is actually listed in PBL and XBL.


Is there any issue with my configuration, or Spamhaus is not allowing queries from my IP?

Thank you
 

Lamia

Well-Known Member

Reaction score: 45
Messages: 261

Hi, I am using postfix 3.3.4 with this configuration:

Code:
smtpd_client_restrictions =
           check_client_access hash:/usr/local/etc/postfix/access,
           permit_sasl_authenticated,
           reject_rbl_client zen.spamhaus.org,
           reject_rbl_client dnsbl.sorbs.net,
           reject_rbl_client hostkarma.junkemailfilter.com=127.0.0.2,
           reject_rbl_client b.barracudacentral.org,
           reject_rbl_client bl.spamcop.net,
           reject_rbl_client cbl.abuseat.org,
           reject_rbl_client psbl.surriel.com,
           reject_invalid_hostname,
           reject_non_fqdn_hostname,
           reject_non_fqdn_sender,
           reject_non_fqdn_recipient,
           reject_unknown_sender_domain,
           reject_unknown_recipient_domain,
           reject_unauth_pipelining,
           reject_rhsbl_client hostkarma.junkemailfilter.com=127.0.0.2,
           reject_rhsbl_sender hostkarma.junkemailfilter.com=127.0.0.2,
           reject_rhsbl_sender dsn.rfc-ignorant.org,
           permit_mynetworks
It seems I have some issue with Spamhaus RBL, for example:

Code:
May 16 09:36:59 mail postfix/smtpd[4405]: warning: hostname static-ip-18160107106.cable.net.co does not resolve to address 181.60.107.106: hostname nor servname provided, or not known
May 16 09:36:59 mail postfix/smtpd[4405]: connect from unknown[181.60.107.106]
May 16 09:37:15 mail postfix/smtpd[4405]: warning: 106.107.60.181.zen.spamhaus.org: RBL lookup error: Host or domain name not found. Name service error for name=106.107.60.181.zen.spamhaus.org type=A: Host not found, try again
May 16 09:37:15 mail postfix/smtpd[4405]: NOQUEUE: reject: RCPT from unknown[181.60.107.106]: 554 5.7.1 Service unavailable; Client host [181.60.107.106] blocked using dnsbl.sorbs.net; Currently Sending Spam See: http://www.sorbs.net/lookup.shtml?181.60.107.106; from=<akt.......@su.........com> to=<avid......@domain.org> proto=ESMTP helo=<static-ip-18160107106.cable.net.co>
May 16 09:37:15 mail postfix/smtpd[4405]: lost connection after RCPT from unknown[181.60.107.106]
May 16 09:37:15 mail postfix/smtpd[4405]: disconnect from unknown[181.60.107.106] ehlo=1 mail=1 rcpt=0/1 commands=2/3
Spamhaus is not blocking IP 181.60.107.106, but Sorbs works.
I checked on https://www.spamhaus.org/lookup/ and such is actually listed in PBL and XBL.


Is there any issue with my configuration, or Spamhaus is not allowing queries from my IP?

Thank you
What were you expecting to see?
Spamhaus don't have to appear in your log like Sorbs.

Given this msg "......181.60.107.106]: 554 5.7.1 Service unavailable; Client host [181.60.107.106] blocked using dnsbl.sorbs.net; Currently Sending Spam See: http://www.sorbs.net/lookup.shtml?181.60.107.106; from=<akt.......@su.........com> to=<avid......@domain.org> proto=ESMTP helo=<static-ip-18160107106.cable.net.co> May 16 09:37:15 mail postfix/smtpd[4405]: lost conne....", most (public email) servers would block your email messages from being delivered.

You may need an email proxy/forwarder for your emails to Yahoo, Gmail, etc to be delivered.
 
OP
OP
C

circus78

Active Member

Reaction score: 7
Messages: 216

Hi,

please look again:

Code:
May 16 09:37:15 mail postfix/smtpd[4405]: warning: 106.107.60.181.zen.spamhaus.org: RBL lookup error: Host or domain name not found. Name service error for name=106.107.60.181.zen.spamhaus.org type=A: Host not found, try again
The message was "inbound" to my server (domain.org is mine, in the example).
The point is: it seems I am not getting Spamhaus'r RBL protection.
Thank you
 

Lamia

Well-Known Member

Reaction score: 45
Messages: 261

Hi,

please look again:

Code:
May 16 09:37:15 mail postfix/smtpd[4405]: warning: 106.107.60.181.zen.spamhaus.org: RBL lookup error: Host or domain name not found. Name service error for name=106.107.60.181.zen.spamhaus.org type=A: Host not found, try again

The message was "inbound" to my server (domain.org is mine, in the example).
The point is: it seems I am not getting Spamhaus'r RBL protection.
Thank you
They regularly update their servers and rules. You may be using an old config. I remember dropping a few of them...
 

VladiBG

Aspiring Daemon

Reaction score: 237
Messages: 587

You may want to update your postfix configuration. There's a better separation now between different restrictions.

smtpd_helo_restrictions =
....
smtpd_sender_restrictions =
....
smtpd_relay_restrictions =
...
smtpd_recipient_restrictions =
...


regarding spamhouse you may want to switch to sbl-xbl.spamhaus.org

Here is my example:
Code:
# SASL CONFIG
broken_sasl_auth_clients = yes
smtpd_delay_reject = yes
smtpd_helo_required = yes

smtpd_helo_restrictions =
  permit_mynetworks,
  permit_sasl_authenticated,
  reject_invalid_helo_hostname,
  reject_non_fqdn_helo_hostname

smtpd_sender_restrictions =
  permit_mynetworks,
  permit_sasl_authenticated,
  reject_non_fqdn_sender,
  reject_unknown_sender_domain

smtpd_relay_restrictions =
  permit_mynetworks,
  permit_sasl_authenticated,
  defer_unauth_destination

smtpd_recipient_restrictions =
  reject_unknown_recipient_domain,
  reject_non_fqdn_recipient,
  permit_mynetworks,
  permit_sasl_authenticated,
  reject_unauth_destination,
  reject_unauth_pipelining,
  reject_rbl_client bl.spamcop.net,
  reject_rbl_client sbl-xbl.spamhaus.org,
  reject_rbl_client zen.spamhaus.org,
  reject_rbl_client db.wpbl.info,
  reject_rbl_client cbl.abuseat.org
 
Top