Re: Blacklisting (postfix rbl) - recent issue with blackhole.securitysage.com

On Thu, Mar 15, 2007 at 08:34:39PM +0100, Robert Hensel (Hensel Hosting) wrote:
> Yesterday, I received multiple reports from users that
> they had trouble mailing us. After checking the maillog I
> discovered that blackhole.securitysage.com seemed to block a
> whole lot of mail to us (read: all)! I of course immediately
> deleted this blacklist from our reject_rbls but the host
> blackhole.securitysage.com was just unreachable (also see this page
> http://wiki.openrbl.org/wiki/Blackhole.securitysage.com). Now it
> seems weird that if the rbl host is unreachable Postfix decides to
> simply take that as a "ah well, just block everything then", or maybe
> something else was going on?

postfix doesn't do that.

if it can't get an answer from an RBL, it just ignores it.

> What are your thoughts on this?
> maillog:
> [....]
> >Mar 14 11:01:03 hostname postfix/smtpd[28035]: NOQUEUE: reject: RCPT 
> >from hostname[ip]: 554 5.7.1 Service unavailable; Client host 
> >[hostname] blocked using blackhole.securitysage.com; 
> >from=<address@addresss.com> to=<address@address.com> proto=ESMTP 
> >helo=<hostname>

blackhole.securitysage.com must have returned a response that said
"block this".

note: the fact that their web site was down doesn't mean that their RBL
name server was down.


craig sanders <cas@taz.net.au>

One man's theology is another man's belly laugh.
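The distinction drawn in the reply above (no answer from the list versus an answer that says "block this"), as an added example that is not part of the original message and is not Postfix code. The resolver functions and the zone name `dnsbl.example` are constructed stand-ins; the 127.0.0.1 check goes beyond the message and relies on the RFC 5782 convention that a working IPv4 list never lists 127.0.0.1.

```python
import ipaddress

class NoSuchName(Exception):
    """Resolver answered NXDOMAIN: the address is not listed."""

class LookupFailed(Exception):
    """Timeout or SERVFAIL: no answer was obtained from the list."""

def dnsbl_name(ip, zone):
    """Build the DNSBL query name: reversed IPv4 octets, then the zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def verdict(ip, zone, resolve):
    """Return 'reject', 'pass' or 'ignored' for one client address."""
    try:
        answers = resolve(dnsbl_name(ip, zone))
    except NoSuchName:
        return "pass"      # list answered: not listed
    except LookupFailed:
        return "ignored"   # no answer: the list is skipped, mail is not blocked
    return "reject" if answers else "pass"  # any A record means "listed"

def zone_lists_everything(zone, resolve):
    """Health check: a list that returns a record for 127.0.0.1 is broken."""
    return verdict("127.0.0.1", zone, resolve) == "reject"

# Constructed resolvers standing in for three states of a list's name server.
def healthy(name):
    if name.startswith("2.0.0.127."):   # 127.0.0.2 is the standard test entry
        return ["127.0.0.2"]
    raise NoSuchName(name)

def unreachable(name):
    raise LookupFailed(name)

def wildcard(name):
    return ["127.0.0.2"]                # answers "listed" for every query

ZONE = "dnsbl.example"  # placeholder zone, not a real list

if __name__ == "__main__":
    for label, r in (("healthy", healthy), ("unreachable", unreachable),
                     ("wildcard", wildcard)):
        print(label, verdict("192.0.2.25", ZONE, r),
              "lists-everything=%s" % zone_lists_everything(ZONE, r))
```

Running the health check periodically against each zone named in the RBL configuration flags a list that has started answering for every address before users report rejected mail.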

