Daniel Gehriger
gehriger@linkcad.com
Fri, 02 Mar 2007 09:12:32 +0100
Vernon Schryver wrote: >> From: Daniel Gehriger > >>> Is there anything like a reproducable test case? > >>> Does it happen when the SMTP client IP address is not marked "mx"? >> Yes, definitely. If I use my DSL connection (not an MX) to send myself >> an e-mail w/o using a whitelisted sender address, it's immediately >> rejected even though neither a DNSBL or a checksum limited is hit. > > Does that mean there is a test case that fails all or most of the > time? If so, can the test case be described? > > I have been assuming that dccifd is running as a before-queue for > Postfix. Is that correct? Yes. Here is the relevant part of /etc/postfix/master.cf: > # Public interface for incoming mail > mail.mydomain.com:smtp inet n - y - 10 smtpd > -o receive_override_options=no_address_mappings > -o smtp_send_xforward_command=yes > -o smtpd_proxy_timeout=200s > -o smtpd_proxy_filter=127.0.0.1:10023 > > localhost:10026 inet n - y - - smtpd > -o myhostname=localhost > -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks > -o smtpd_recipient_restrictions=permit_mynetworks,reject_unauth_destination > -o smtpd_authorized_xforward_hosts=127.0.0.0/8 To reproduce, from my DSL connection, I do > telnet mail.mydomain.com 25 220 mail.mydomain.com ESMTP Postfix mail from:<me> 250 2.1.0 Ok rcpt to:<me@mydomain.com> 250 2.1.5 Ok data 354 End data with <CR><LF>.<CR><LF> foo . The rcpt to address must be valid, of course, and the DNSBL disabled. After entering the ".", I immediately receive an error that the message has been rejected as Spam. - Daniel