Changing DNSBL behaviour

W

wouter-nimsys.nl

New Member
Dec 29, 2022
2
0
1
Hi all,

We've set spamhaus and barracuda to be our DNSBL, but I dont like it that mail is rejected when the first service in the list is not available.
Is there a way to requeue the mail after x seconds so the service can be tried again? Perhaps with an y number of retries?
This should not lead to a block IMHO :
Dec 29 03:14:04 mail postfix/postscreen[10583]: NOQUEUE: reject: RCPT from [40.92.90.97]:64033: 550 5.7.1 Service unavailable; client [40.92.90.97] blocked using zen.spamhaus.org
 
Usually blocking mail coming from IPs that are listed on trustworthy DNSBLs is one of the most effective and cheap ways to combat spam (and most legitimate sending servers, which arrived on the list by accident/misconfiguration, will fix the issue quite fast) - So I'm not sure this change brings you any improvement.

The rationale and also the potential config-settings are quite well explained in the postscreen howto:
https://www.postfix.org/POSTSCREEN_README.html

If you still want to change that you could consider not using postscreen and configuring the DNSBLs in postfix/smtpd (maybe there you could tweak the responses to a tempfail 4xx code) - but as said I don't think that this is a good idea

(to change the postfix configuration in PMG you need to use the templateing system:
https://pmg.proxmox.com/pmg-docs/pmg-admin-guide.html#pmgconfig_template_engine )

I hope this helps!
 
wouter-nimsys.nl said:
In the end I removed the DNSBL option, to many false positives on both addresses.
Click to expand...
That's odd - for us here (and in my experience from this community and from colleagues running E-mail infrastructure) DNSBLs (a sensible subset of them) is a very good measure to prevent spam from getting through.

the settings from the getting started page https://pmg.proxmox.com/wiki/index.php/Getting_started_with_Proxmox_Mail_Gateway
do work fine in most situation (if they don't I'd suspect your DNS setup to have an issue)
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom