i try to send a message from my gmail account to one of the addresses hosted by my mail server and get the following message:
Delivery to the following recipient failed permanently:
xxxxxxxxxx@xxxxxxxx.com
Technical details of permanent failure: Google tried to deliver your
message, but it was rejected by the server for the recipient domain
xxxxxxxxx.com by mail.xxxxxxx.com. [xxx.xxx.xxx.xxx].The error that the other server returned was: 554 5.7.1 Service
unavailable; Client host [mail-we0-f180.google.com] blocked using
blackhole.securitysage.com
i have never seen this message before and my mail server has always accepted gmail emails until today.
i found the following relevant lines in my /etc/postfix/main.cf file:
relay_domains = hotmail.com gmail.com, etc
smtpd_delay_reject = yes
smtpd_recipient_restrictions =
reject_rhsbl_client blackhole.securitysage.com,
reject_rhsbl_sender blackhole.securitysage.com,
i noticed that the relay_domains entry does not have google.com – it only has gmail.com. so:
- has gmail recently changed the name of their mailserver?
- or has gmail (or my pc?) been hacked to reroute traffic through blackhole.securitysage.com?
i have no idea what the reject_rhsbl_client and reject_rhsbl_sender entries are. if someone can explain them to me that would be good. i just went to the securitysage.com site and it says "site under reconstruction, 80% complete", so maybe my mail server is failing because it is not getting a confirmation from securitysage.com?
Best Answer
You will find that blackhole.securitysage.com is a list of domain names commonly used by spammers, and is thus being blocked by your mail server. You can safely comment out those lines, as they are not a standard method of detecting spam.
If you want to do spam filtering, you will want to look at spamassassin (and you may even want to incorporate blackhole.securitysage.com rules into it), but you obviously don't want to simply reject emails based solely on a third parties list of questionable domains.
Google RBL and RHSBL to get a better understanding of these technologies - they are a double edged sword, and are as likely to cut you as a spammer if not wielded wisely !