[Postfixbuch-users] Blacklist: IX-Spam nutzen?

[Robert Felber]

On Fri, May 25, 2007 at 10:56:45AM +0200, Michael Mertel wrote:
> > > > Was mache ich flasch?
> > > > 
> > > > > May 25 08:17:40 hermes postfix/smtpd[29865]: warning: 
> > > > > 175.119.98.71.ix.dnsbl.manitu.net: RBL lookup error: Host or 
> > > > > domain name not found. Name service error for 
> > > > > name=175.119.98.71.ix.dnsbl.manitu.net type=A: Host not 
> > found, try 
> > > > > again May 25 08:21:36 hermes postfix/smtpd[29892]: warning: 
> > > > > 175.119.98.71.ix.dnsbl.manitu.net: RBL lookup error: Host or 
> > > > > domain name not found. Name service error for 
> > > > > name=175.119.98.71.ix.dnsbl.manitu.net type=A: Host not 
> > found, try 
> > > > > again
> > > > 
> > > > ist das falsch?:
> > > > /etc/postfix/main.cf
> > > >   ...
> > > > reject_rbl_client ix.dnsbl.manitu.net ...
> > > 
> > > Nichts. Deren Server sind chronisch überlastet
> > 
> > Indeed. Nur wills Manitu irgendwie nicht wahr haben.
> > Er prueft das immer lokal und mit dnsstuff.com - und da geht 
> > immer alles 1A (sigh).
> > 
> 
> naja, 1A sieht anders aus (von dnsstuff):
> 
> Searching for 175.119.98.71.ix.dnsbl.manitu.net ALL record at c.root-servers.net [192.33.4.12]: Got referral to B.GTLD-SERVERS.net. (zone: net.) [took 28 ms]
> Searching for 175.119.98.71.ix.dnsbl.manitu.net ALL record at B.GTLD-SERVERS.net. [192.33.14.30]: Got referral to dns02.manitu.net. (zone: manitu.net.) [took 156 ms]
> Searching for 175.119.98.71.ix.dnsbl.manitu.net ALL record at dns02.manitu.net. [217.11.49.200]: Got referral to hermes.manitu.net. (zone: ix.dnsbl.manitu.net.) [took 120 ms]
> Searching for 175.119.98.71.ix.dnsbl.manitu.net ALL record at hermes.manitu.net. [217.11.48.13]: Timed out.  Trying again.
> Searching for 175.119.98.71.ix.dnsbl.manitu.net ALL record at hermes.manitu.net. [217.11.48.13]: Timed out.  Trying again.
> Searching for 175.119.98.71.ix.dnsbl.manitu.net ALL record at hermes.manitu.net. [217.11.48.13]: Timed out.  Trying again.
> Searching for 175.119.98.71.ix.dnsbl.manitu.net ALL record at hermes.manitu.net. [217.11.48.13]: Timed out.  Trying again.
> Searching for 175.119.98.71.ix.dnsbl.manitu.net ALL record at hermes.manitu.net. [217.11.48.13]: Timed out.  Trying again.
> Searching for 175.119.98.71.ix.dnsbl.manitu.net ALL record at hermes.manitu.net. [217.11.48.13]: Timed out.  Trying again.
> 
> 
> Habe vorhin policyd-weight eingebaut und wollte mich auf die Suche machen welche RBL das alles verlangsamt ... was fuern zufall :)

Gut, policyd-weight ueberspringt (SKIP) problematische RBLs.
Siehe dazu $BL_ERROR_SKIP (def: 2) und $BL_SKIP_RELEASE (def: 10)

Was so viel bedeutet, wenn die RBL 2 Fehler hintereinander wirft,
ueberspringe sie fuer die naechsten 10 Versuche.
(Gilt allerding nur pro policyd-weight child und nicht in Summe aller children)

1 Monat:
bzgrep "MANITU.*\(ERR\|SKIP\)" /var/log/mail/maillog* | wc -l
    314

Heute:
grep "MANITU.*(ERR|SKIP)" /var/log/mail/maillog | wc -l
    119



-- 
    Robert Felber (PGP: 896CF30B)
    Munich, Germany