5 messages in net.sourceforge.lists.courier-usersRe: [courier-users] Way to override a...
FromSent OnAttachments
Greg EarleDec 17, 2004 11:13 am 
Mark BucciarelliDec 17, 2004 11:25 am 
Gordon MessmerDec 17, 2004 11:44 am 
Greg EarleDec 17, 2004 6:03 pm 
Gordon MessmerDec 17, 2004 9:31 pm 
Actions with this message:
Paste this link in email or IM:
Paste this link in email or IM:
Atom feed for this thread
Paste this URL into your reader:
Subject:Re: [courier-users] Way to override a mistaken SORBS block by unsetting BLOCK?Actions...
From:Greg Earle (ear@isolar.DynDNS.ORG)
Date:Dec 17, 2004 6:03:39 pm
List:net.sourceforge.lists.courier-users

On Dec 17, 2004, Mark Bucciarelli wrote:

On Friday 17 December 2004 14:12, Greg Earle wrote:

Short of not using SORBS, is there anything else that I can try? I really don't like the idea of disabling the SORBS check, but he has to be able to send mail out ...

There's probably a better way, but I bet you could do what you want using BLOCK2 instead of BLOCK and a maildrop filter.

To be honest, the "BLOCK2" stuff confuses me. Is there some difference in behavior between "BLOCK" and "BLOCK2"?

I thought that by using

BLACKLISTS='-block=dnsbl.sorbs.net,BLOCK'

meant that "couriertcpd" gets invoked with

-block=dnsbl.sorbs.net,BLOCK

as an argument, and that if the SORBS test returns (a false) positive, to set "BLOCK" in the environment of the caller, and "esmtpd" would trigger off of this and block the relay with a 511 code (what's this code for?). If "BLOCK2" is used, then what happens?

On Dec 17, 2004, Gordon Messmer wrote:

Greg Earle wrote:

In my /path/to/courier/etc/smtpaccess/default file, there is 137.78 allow,RELAYCLIENT,BOFHCHECKDNS=0

Change that to:

137.78 allow,RELAYCLIENT,BLOCK,BOFHCHECKDNS=0

This will set "BLOCK" to an empty value, and your co-worker won't be blacklisted.

Again, this seems non-sequitur-ish: it seems like the $BLACKLISTS construct has the same effect ("if blocked in dnsbl.sorbs.net, then set $BLOCK") - yet doing that causes the block; whereas you're saying if "BLOCK" is set to an empty value here, it won't. What's the difference?

Short of not using SORBS, is there anything else that I can try? I really don't like the idea of disabling the SORBS check, but he has to be able to send mail out ...

I *think* that AUTHenticating yourself also gets you past the BLOCK setting. I might be wrong.

Indeed it does! Thanks Gordon. This is actually my/our preferred solution - we'd prefer it if everyone that sent mail out through our Courier server use Authenticated SMTP anyway. So I think we'll close this out by having my co-worker leave Authentication enabled and skip the addition of ",BLOCK" to smtpaccess/default.

Thanks to both of you for your replies.

- Greg