Code: Select all
$ grep '554.5' /var/log/maillog
Oct 11 09:32:20 mx postfix/smtpd[12419]: NOQUEUE: reject: RCPT from unknown[139.198.1.197]: 554 5.7.1 Service unavailable; Client host [139.198.1.197] blocked using psbl.surriel.com; Listed in PSBL, see http://psbl.org/listing?ip=139.198.1.197; from=<htlywkemvmx@mail2emergency.com> to=<a.user@domain.com> proto=SMTP helo=<78.46.112.235>
Oct 11 10:49:55 mx postfix/smtpd[6257]: NOQUEUE: reject: RCPT from ww1.sndr.com[88.99.238.130]: 554 5.7.1 Service unavailable; Unverified Client host [ww1.sndr.com] blocked using reject_rhsbl_sender; from=<anjuh@sndr.com> to=<user@domain.com> proto=ESMTP helo=<mail.sndr.com.>
$
$ zmprov gacf | grep zimbraMtaRestriction
zimbraMtaRestriction: reject_non_fqdn_sender
zimbraMtaRestriction: reject_unknown_sender_domain
zimbraMtaRestriction: reject_rbl_client zen.spamhaus.org
zimbraMtaRestriction: reject_rbl_client psbl.surriel.com
zimbraMtaRestriction: reject_rbl_client bl.spamcop.net
zimbraMtaRestriction: reject_rbl_client
zimbraMtaRestriction: reject_rhsbl_client dbl.spamhaus.org
zimbraMtaRestriction: reject_rhsbl_client multi.surbl.org
zimbraMtaRestriction: reject_rhsbl_reverse_client dbl.spamhaus.org
zimbraMtaRestriction: reject_rhsbl_reverse_client
zimbraMtaRestriction: reject_rhsbl_sender multi.surbl.org
zimbraMtaRestriction: reject_rhsbl_sender rhsbl.sorbs.net
zimbraMtaRestriction: reject_rhsbl_sender dbl.spamhaus.org
zimbraMtaRestriction: rbl_override lmdb:/opt/zimbra/conf/rbl_override
As you can see, sometimes the blacklist (surriel) is referenced in the message and sometimes it is just a generic Unverified Client host [ww1.sndr.com] blocked using reject_rhsbl_sender. In the second case how do I investigate the actual reason of the rejection?