I thought I fixed it before.

Poking at my mail server's inbox, I noticed a ton of stuff that should probably have been caught by the SBL, but wasn't. The e-mail log showed a ton of "not allowed" notes on lines related to the Spamhaus DQS. I logged into their portal and checked their configuration how-to.

I seem to have missed or skipped a step, creating the reply map, so I did that quickly, and reloaded my postfix configuration. I hit their blocker tester, and passed with flying colors (all greens). And my mail server logs showed a bunch of successful look-up notes instead of rejections.

We'll see if that helps cut down on the garbage.

This stems from changes they made from their open block list queries. It used to be anyone could put their DQS URLs into their anti-spam tools, but a while ago they changed it so you have to register. You still get access for free, but now it requires you to register for a key. I did that a bit ago, and changed the URLs in my configuration to contain my keys, but I missed that step with the reply maps. Not sure how that would have caused a full failure; it looks like it should have rejected the message with a generic message, but it did not.

Of course, now that I've changed it, no new inbound messages have hit the server since I started tapping out this reminder.