[SOLVED] Whitelist not persitently used

[pmbaeum]

Hello,

i'm currently having a Problem with my PMG installation:
Since Instagram seems to be listed on several RBL Lists atm I needed to create a whitelist-Entry for security@mail.instagram.com.
I did so, globally and after the mails still got rejected I did so on the user-whitelist-level.



Accepted Mail 11:34 and 11:02 had "Rule: Whitelist" in them:
Jul 20 11:34:52 mail pmg-smtp-filter[933]: A062B62D7CC38E01CB: accept mail to <m.xxxxx> (5C5C6A0637) (rule: Whitelist)


Last one:
Jul 20 11:45:37 mail postfix/postscreen[1124]: NOQUEUE: reject: RCPT from [66.220.155.158]:33705: 550 5.7.1 Service unavailable; client [66.220.155.158] blocked using noptr.spamrats.com; from=<security@mail.instagram.com>, to=<mxxxxx>, proto=ESMTP, helo=<66-220-155-158.mail-mail.facebook.com>

They are sending from different IPs and Servers every time and seem to be on multiple Spam-Lists as "blocked using..." is different with any mail.

My ruleset:


Do I need to move Whitelist higher in Priority?
Why are some mails rejected and then accepted?

 

[Stoiko Ivanov]

ul 20 11:45:37 mail postfix/postscreen[1124]: NOQUEUE: reject: RCPT from [66.220.155.158]:33705: 550 5.7.1 Service unavailable; client [66.220.155.158] blocked using noptr.spamrats.com; from=<security@mail.instagram.com>, to=<mxxxxx>, proto=ESMTP, helo=<66-220-155-158.mail-mail.facebook.com>

the issue here is that the dnsbl checks in postscreen match the IP only - not the mail-address, or the hostname, or the domain.

if you want to bypass dnsbl checks you need to whitelist the ip-ranges where instagram is sending mails from..

I hope this helps!

 

[pmbaeum]

That helped a lot, thank you!