Closed dazoot closed 2 years ago
It's a common way to respond to blacklisted IP addresses. Instead of sending 220... they send 5xx and close the connection. Once they have removed your IP from the list they start accepting connections again.
The problem is that in this situation Zonemta triggers a bounce on try 1 REJECTED[policy]
and does not go through the bounces.txt
which states that for this situation the action is to defer
.
All bounce responses go through the same processor. What happens here is that this bounce is invalidly detected as policy, while it should be a blacklist entry. You can test those messages manually like this:
~/zone-mta $ echo '554 5.7.0 Blocked - see https://support.proofpoint.com/dnsbl-lookup.cgi?ip=1.1.1.1' | node ./bin/check-bounce.js
data : 554 5.7.0 Blocked - see https://support.proofpoint.com/dnsbl-lookup.cgi?ip=1.1.1.1
action : reject
message : Unknown Security Or Policy Concern
category : policy
code : 554
status : 5.7.0
line : 525
The script at ./bin/check-bounce.js
(or the CLI command check-bounce
if you have installed zone-mta globally) tells you how does it categorize that specific message.
Great. I have updated bounces.txt
to identify it as deferred and now i can reroute the mail.
Looks like the icloud / proofpoint is giving a non standard SMTP response greeting ?