On Mon, 30 Jan 2012 19:17:17 -0500 (EST), Wietse Venema <wie...@porcupine.org> wrote: > Mark Alan: > > > > Would the following be an acceptable way to do it? > > > > postconf -e 'postscreen_access_list = reject' > > > > postconf -e 'soft_bounce = yes' > > > > > > Only if this is documented. The soft_bounce parameter is listed on > > > the postscreen(8) manpage, this is perhaps a sufficient promise to > > > match user expectations and so I would expect it to work. > > > > Sadly it does not. > > Although postscreen marks it as BLACKLISTED, then tlsproxy kicks in > > and lets the email pass: > > > > Only because you failed to configure "postscreen_blacklist_action = > drop". > > Wietse
Not exactly a failure, as doing so would instruct postscreen to simply DISCONNECT (i.e., drop the connection immediately). In which case a single 'master_service_disable = inet' would be more elegant and similarly effective. My question should have been: Using only the frugal postscreen resources is there a way to achieve something like 'postscreen_blacklist_action = defer' , i.e., to configure it to immediately NOQUEUE all connections with a 450 SMTP reply? Thank you, M.
