On Tue, 15 Jul 2003, Jeff Green wrote:
> deny log_message = (ACL) RBL rejection
> message = Administrative prohibition: if you believe this is in
> error please resend to postmaster
> dnslists = relays.ordb.org :\
> orbs.dorkslayers.com :\
> relays.osirusoft.org :\
> sbl.spamhaus.org :\
> opm.blitzed.org
> hosts = +rbl_hosts
I can't answer your actual question, but two things here seem to be
sub-optimal.
If you had included $dnslist_domain into your log_message, then you
would already know which of the dnslists had triggered the rejection.
As it is, you're stumbling around looking at the situation at a
different point in time, and (not so very surprisingly) getting a
different answer.
On my second point I'm not 100% sure, but it seems to me that with the
recipe as written, you're going to look-up the DNS lists for all
hosts, and then effectively ignore the answer for those which aren't
in +rbl_hosts: wouldn't it be preferable to get that +rbl_hosts test
done first, to avoid the DNS lookup overhead for hosts that arent in
+rbl_hosts ?
(I'm not sure whether I'm in any position to comment on your choice of
RBLs - but I thought dorkslayers was out of action, for one thing.)
