I have a postfix setup similar to ISPconfig.org's ruleset. Because of a failing RBL (SERVFAIL DNS response), Postfix rejected many incoming messages with a 451 4.7.1. type temporary failure instead of reporting the real error message:
NOQUEUE: reject: RCPT from x[y] 450 4.7.1 <y>: Client host rejected:
Service unavailable; from=<bounce@x> to=<x@y> proto=ESMTP helo=<x>
This is like what I would expect:
NOQUEUE: reject: RCPT from x[y] 450 4.7.1 <y>: Client host rejected:
Service unavailable; Client host [x] blocked using zen.spamhaus.org;
https://www.spamhaus.org/sbl/query/SBLCSS /
https://www.spamhaus.org/query/ip/x; from=<bounce@x> to=<x@y>
proto=ESMTP helo=<x>
I would like to be less dependant on temporary failures of RBLs and specify that SERVFAIL responses should be ignored (treated as though the RBL wasn't specified at all). Or better yet, be able to specify a timeout "tempfail" response so that when a RBL fails for more than X minutes, it is simply ignored until Postfix is restarted.
From a users perspective, a temporarily slightly worse spam filter is much less severe than mails being delayed until the admin decides to have a look.
Are there any mechanisms in Postfix (3.1, Ubuntu 16.04 LTS) to allow this?
