On 2 Sep 2021, at 23:24, Jeremy Harris via Exim-users <exim-users@???> wrote:
> On 02/09/2021 20:25, krzf83--- via Exim-users wrote:
>> # nc mx.poczta.onet.pl 25
>> 220-mx.poczta.onet.pl ESMTP
>> 521 5.7.1 Service unavailable; client [144.76.50.172] blocked using
>> postscreenbl.opbl.onet.pl.local
>
> That is not a consistent response. The first line is a 220 (with a flag
> saying it will be a multi-line response). The second is a 521 (without
> the flag, hence the last line).
>
> All the lines of the response should have the same code
> (RFC 5321 section 4.2.1 last para:
> "In a multiline reply, the reply code on each of the lines MUST be the
> same."
> )
This is postscreen, see:
http://www.postfix.org/POSTSCREEN_README.html
The site can configure it correctly to delay the enforcement until a mail transaction, but have instead gone with “drop”. Because the DNSBL check is run in parallel with pre-greeting tests, you get the “teaser” 220- followed by the 521 failure. It’s obviously wrong, but perhaps Exim should consider the last line of a response instead of the first for purposes of evaluation?
Cheers,
Sabahattin