Now, "feature request" is actually not the right word - it's more an
idea, and probably somebody just needs to tell me it's a bad one.

With the postscreen_dnsbl_sites setting, each site administrator can
configure a list of DNS blacklists that new SMTP connections will be
checked against (excluding whitelisted hosts). The actual lookups are
done by dnsblog(8), and the result is logged by postscreen(8) similar
to this:

postfix/postscreen[3074]: DNSBL rank 3 for 210.123.30.94

Would it be a good idea to extend the existing functionality in a way
that allows the postmaster to add a "score" for each blacklist and
have postscreen(8) drop the connection only if a certain minimum score
is reached (and it is configured to drop connections not passing the
DNSBL test, of course)? Something like:

postscreen_dnsbl_sites = bl-a.example.com:2
   bl-b.example.com:1
   bl-c.example.com:2
postscreen_dnsbl_score_threshold = 3

(it's probably better to use a hash: or other indexed table to
configure those scores)

This is similar to what some policy servers, e.g. policyd-weight, do -
with the added benefit that a connection would never reach a real
smtpd(8) if the score is exceeded.

Does that sound like a somewhat reasonable idea, or more like b/s?


Stefan
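
The weighted-threshold decision proposed in this message, as an added sketch that is not part of the original post and is not Postfix code. It parses the `site:weight` syntax suggested above and takes the lists that returned a hit as input (constructed here in place of real dnsblog(8) lookups); the function names are hypothetical.

```python
import ipaddress

# Constructed from the post's proposal; these are not shipped Postfix parameters.
PROPOSED_SITES = """bl-a.example.com:2
   bl-b.example.com:1
   bl-c.example.com:2"""
PROPOSED_THRESHOLD = 3


def parse_sites(text):
    """Parse whitespace-separated 'site:weight' entries (weight defaults to 1)."""
    weights = {}
    for entry in text.split():
        site, sep, weight = entry.rpartition(":")
        if not sep:                      # bare site name, no weight given
            site, weight = entry, "1"
        if not site or not weight.isdigit():
            raise ValueError(f"bad DNSBL entry: {entry!r}")
        weights[site.lower()] = int(weight)
    return weights


def query_name(client_ip, site):
    """Build the DNSBL query name: reversed address labels + list domain."""
    reverse = ipaddress.ip_address(client_ip).reverse_pointer
    return reverse.rsplit(".", 2)[0] + "." + site


def evaluate(listed_sites, weights, threshold):
    """Sum the weights of the lists that returned a hit; drop at the threshold."""
    score = sum(weights.get(site.lower(), 0) for site in listed_sites)
    return score, ("drop" if score >= threshold else "pass")


if __name__ == "__main__":
    weights = parse_sites(PROPOSED_SITES)
    client = "210.123.30.94"             # address from the log line in the post
    for site in weights:
        print("would query", query_name(client, site))
    # Constructed lookup results standing in for dnsblog(8) answers.
    for hits in (["bl-b.example.com"], ["bl-a.example.com", "bl-b.example.com"]):
        print(hits, "->", evaluate(hits, weights, PROPOSED_THRESHOLD))
```

With these weights a hit on bl-b.example.com alone never drops the connection, while any two lists that include a weight-2 list do.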
