On 1/31/2012 7:55 AM, Mark Alan wrote: > The intention is to simply have postscreen immediately answer '450 > Service currently unavailable' to all connections (friend or foe) that > are presented to it. > > So, ideally: > a) postscreen must answer. It is not enough to simply drop the > connection as 421 does;
The 421 is an answer. You don't seem to understand this. You can even append extra text with postscreen_reject_footer. postscreen_reject_footer = maintenance in progress, try again later. > b) it must the answer as it does at every first encounter with a new > IP, i.e., with a '450 Service currently unavailable'. Is the 450 response a requirement? Earlier you said defer and 4xx, which is exactly what the 421 response does. If you *must* have a 450 response for some client that doesn't fully implement SMTP, use "postscreen_blacklist_action = enforce" rather than drop. > It did not imagine that it would be so difficult to configure > postscreen/postfix to achieve such a simple specification. It seems either your requirements keep changing or you fail to understand the answers given you. -- Noel Jones
