Make DNSBL smarter
$ telnet fqdn 25
Trying IP...
Connected to fqdn.
Escape character is '^]'.
550 https://www.spamhaus.org/query/ip/178.202.172.58
spamhaus does not allow me to send email...
Comments (18)
-
Account Deleted reporter -
repo owner - changed status to invalid
Well it seems that your address was marked as spam source (smtp should refuse cooperate as it did), removing content from dnsbl_zones you disabled dnsbl check completely.
-
Account Deleted reporter So you won't change anything here? I'd rather disable dnsbl check as this makes the stack completely useless.
Perhaps an opt-in would help. Or at least an opt-out, so i don't need to maintain my own Dockerfile.
-
repo owner Why would anyone allow spammers to connect to mailserver?
-
Account Deleted reporter To also allow normal users to do so? I tried to send an e-mail with several dynamic IPs in Germany and likely 90% failed. This is way to strict, if 90% of my normal IP addresses are blocked.
-
repo owner - changed status to open
Valid argument. For now its better to use /opt/qpsmtpd/config/dnsbl_allow, add your ip address/subnet in format "172.16.33."
I will keep this issue open for voting, its not easily solvable (DNSBL is by stats far most useful spam filtering service)
-
Account Deleted reporter That would also require maintaining my own Dockerfile to change the content of the file. Isn't there a nicer solution? Like environment variables or a volume?
-
repo owner create file "(your..data..dir)/_override/opt/qpsmtpd/config/dnsbl_allow" with that subnet and restart container
(by this way you can rewrite easily any file in container)
-
repo owner - changed title to Make DNSBL more smart
-
repo owner - changed title to Make DNSBL smarter
-
Account Deleted Same problem here - imho a valid login should override dnsbl.
-
Same here, make me search a lot before understanding the issue
And so strange cause I got a server working and the other give me the dnsbl error
If you need some diff between both server, I will send you the files you want
-
Ok, a 3 week old version of poste.io work fine, not the last one, so it's a regression (sorry)
Found solution for exim
Or for postfix we need to change the order of smtpd_recipient_restrictions and put all the permited rules before the rejected one
But did not find that info for qpsmtpd :-( (sorry again)
-
repo owner I will move dnsbl check after "MAIL FROM", dnsbl will be skipped for logged users and even some latency will be removed for proper users. It will land in next update...
-
Until the new version is out, you can use my quickfix: https://hub.docker.com/r/bkendinibilir/poste.io/
-
repo owner - changed status to resolved
fix
#96: Make DNSBL smarter→ <<cset ba7ead459d4f>>
-
Account Deleted reporter Is this included in beta 5?
-
repo owner yes it is: https://poste.io/changelog
- Log in to comment
Clearing /etc/qpsmtpd/dnsbl_zones helps - is that a qpsmtpd issue?