Got a bit of a weird problem here with Postfix.
Been getting a whole bunch of notices where fail2ban has banned 18.104.22.168 (ryujin.darkdna.net) for failures against Postfix.
Here is a relevant snippet from Postfix’s log:
Jan 13 17:56:26 postfix/smtpd: connect from ryujin.darkdna.net[22.214.171.124] Jan 13 17:56:26 postfix/smtpd: NOQUEUE: reject: RCPT from ryujin.darkdna.net[126.96.36.199]: 554 5.7.1 Service unavailable; Client host [188.8.131.52] blocked using b.barracudanetworks.org; from=<firstname.lastname@example.org> to=<******> proto=ESMTP helo=<ryujin.darkdna.net> Jan 13 17:56:27 postfix/smtpd: disconnect from ryujin.darkdna.net[184.108.40.206]
This happens about 4-5 times per day, depending on how much mail gets sent from that maillist.
Now, I get and see that Postfix blocks it as a result of a match against the b.barracudanetworks.org blacklist.
What I don’t get is why. As far as I can see from two blacklist checkers (mxtoolbox.org and anti-abuse.org) neither the IP 220.127.116.11 nor the hostname ryujin.darkdna.net is actually listed. (For what it’s worth, the host/IP in question seems to be one of Linode’s).
This isn’t the only host it’s blocked. Postfix has apparently been doing this for a while now, blocking hosts it thinks is in the barracudanetworks blacklist when they aren’t.
I can access their blacklist just fine from my computers, after following their testing instructions.
I’m stumped, and would appreciate some help or pointers on where to look!
You’ve mistyped the domain name. It should be
b.barracudacentral.org, but you entered
b.barracudanetworks.org. Correct this in your Postfix
smtpd_recipient_restrictions = ... reject_rbl_client b.barracudacentral.org,
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.