Re: Blacklisting (postfix rbl) - recent issue with blackhole.securitysage.com
On Thu, Mar 15, 2007 at 08:34:39PM +0100, Robert Hensel (Hensel Hosting) wrote:
> Yesterday, I received multiple reports from users that
> they had trouble mailing us. After checking the maillog I
> discovered that blackhole.securitysage.com seemed to block a
> whole lot of mail to us (read: all)! I of course immediatly
> deleted this blacklist from our reject_rbls but the host
> blackhole.securitysage.com was just unreacheable (also see this page
> http://wiki.openrbl.org/wiki/Blackhole.securitysage.com). Now it
> seems weird that if the rbl host is unreachable Postfix decides to
> simply take that as a "ah well, just block everything then", or maybe
> something else was going on?
postfix doesn't do that.
if it can't get an answer from an RBL, it just ignores it.
> What are you thoughts on this?
>
> maillog:
>
> [....]
> >Mar 14 11:01:03 hostname postfix/smtpd[28035]: NOQUEUE: reject: RCPT
> >from hostname[ip]: 554 5.7.1 Service unavailable; Client host
> >[hostname] blocked using blackhole.securitysage.com;
> >from=<address@addresss.com> to=<address@address.com> proto=ESMTP
> >helo=<hostname>
blackhole.securitysage.com must have returned a response that said
"block this".
note: the fact that their web site was down doesn't mean that their RBL
name server was down.
craig
--
craig sanders <cas@taz.net.au>
One man's theology is another man's belly laugh.
Reply to: