>Len Conrad:
>> We have an IP whitelisted because it was also blacklisted, but
>> the postscreen whitelist comes after the postscreen blacklist,
>> and the IP is still being postscreen dropped as blacklisted.
>>
>> the man page says nothing about the order of the main.cf postscreen params.
>
>main.cf syntax is in the postconf(5) manpage.
>
>When in doubt, "postconf -n" output may be helpful.
postconf -n | egrep postscreen
postscreen_blacklist_action = drop
postscreen_blacklist_networks =
mysql:/usr/local/etc/postfix/mysql-mta_clients_b.cf
postscreen_cache_map = btree:$data_directory/ps_cache
postscreen_cache_ttl = 1d
postscreen_dnsbl_action = drop
postscreen_dnsbl_sites = zen.spamhaus.org
postscreen_greet_action = drop
postscreen_greet_banner = $smtpd_banner
postscreen_greet_wait = 2
postscreen_hangup_action = drop
postscreen_post_queue_limit = $default_process_limit
postscreen_pre_queue_limit = $default_process_limit
postscreen_whitelist_networks = $mynetworks,
hash:/usr/local/etc/postfix/mta_clients_white.map
postmap -q "12.184.45.106" /usr/local/etc/postfix/mta_clients_white.map
ok
but still
Dec 9 15:16:01 mx101 postfix/postscreen[94732]: BLACKLISTED 12.184.45.106
we are getting postscreen whitelist hits:
egrep -i "postscreen" /var2/log/maillog | awk '{ print $6}' | sort -f | uniq
-ic | sort -rfn
1404371 DNSBL
561433 BLACKLISTED
263804 PREGREET
209050 PASS
22237 HANGUP
7792 reject:
862 WHITELISTED
455 warning:
65 fatal:
7 error:
Len
