Relay-authorized users not excepted from zen.spamhaus.org

[rihad]

Hi, when I choose "Switch on spam protection based on DNS blackhole lists" and enter zen.spamhaus.org, any user sending email is being filtered, including those in permitted IP subnets, and those giving proper SMTP credentials. So I had to turn it off. The command to run the daemon was:

/usr/sbin/rblsmtpd -r zen.spamhaus.org /var/qmail/bin/relaylock /var/qmail/bin/qmail-smtpd /var/qmail/bin/smtp_auth /var/qmail/bin/true /var/qmail/bin/cmd5checkpw /var/qmail/bin/true

Which is incorrect. One way would be to use tcpserver before qmail-smtpd, and tcp.smtp:
client.ip.subnet..:allow,RELAYCLIENT="",RBLSMTPD=""

/usr/local/bin/tcpserver -S -H -R -c50 -x /path/to/tcp.smtp.cdb -u 89 -g 82 0 smtp \
/usr/local/bin/rblsmtpd -c \
-r zen.spamhaus.org

Another way would be to use a patched version of qmail that would automatically exclude SMTP auth clients from DNSBL checks.

 

[lvalics]

Do not use ZEN, use only SBL.spam....
ZEN will stop a lot of legitimate users with no reverse DNS for ex.