On 8/25/2010 6:17 PM, Wietse Venema wrote:
Noel Jones:
On 8/25/2010 4:27 PM, Wietse Venema wrote:
Noel Jones:
As I see it, there are two complementary paths we can take
with DNS whitelists, each with a slightly different purpose.
While these are both useful, neither depends on the other, so
postfix can implement either or both.
I'll read the entire proposal later.
Would this notation work:
dnswl1.example.com=127.0.0.2*weight1, dnswl2.example.com=127.0.0.1*weight2
dnsbl3.example.com=127.0.0.3*weight3, dnsbl4.example.com=127.0.0.1*weight4
It would reduce the number of config parameters.
Yes. Both the A filter and the weight would need to be
optional. ie, if you want any result to have a custom weight,
it must accept
dnsbl1.example.com=*weight
I assume the syntax would be like this:
domain[=addr][*weight]
where content inside [] is optional.
Excellent.
Currently, postscreen does not look up the client hostname, that
is something that can be added later when there is time.
I know. I was just hoping the hostname would be available in
the new-and-improved postscreen discussed elsewhere.
The primary goal is to keep spambots away from Postfix, so I'll
focus on features that do for the short term. The only luxury will
be the dummy SMTP engine that logs the rejected client, helo,
sender, recipient. Right now I don't miss that at all.
I've been reluctant to turn on postscreen dns blacklists on
the main MX because it's so much harder for me to find the
once-in-a-blue-moon FPs. But it runs gangbusters on the
secondary.
I won't miss the dnsbl hostname lookups in postscreen (it also
eliminates a few more parameters), but it would still be nice
to have simple hostname rhswl support in smtpd as described
later in my outline. I see these as complementary features.
-- Noel Jones
