On Wed, Jun 24, 2009 at 10:15:39PM -0600, LuKreme wrote:
> On 23-Jun-2009, at 06:31, Jan P. Kessler wrote:
>> Another option is to use selective greylisting on "unknown" clients:
>>
>> MAIN.CF
>> smtpd_recipient:_restrictions =
>> permit_mynetworks,
>> <...others...>,
>> check_client_access = pcre:/etc/postfix/client_check
No "=" sign between "check_client_access" and the table name.
>> /etc/postfix/client_check:
>> /^unknown$/ check_policy_service inet:127.0.0.1:10031
>
> Oh yes, that works. In fact, I thought I already had that in my
> check_client_fqdn.pcre file, I guess I overlooked it.
It is somewhat fragile, because it fails to distinguish between
transient and permanent lookup errors. The policy service needs
to be careful to not reject outright (greylisting is perhaps
safe, but one needs to understand the limitations of this approach).
--
Viktor.
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.
To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:majord...@postfix.org?body=unsubscribe%20postfix-users>
If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.
