Hi, >> I've implemented postscreen with postfix-2.9.4 on fc17 and it is >> rejecting mail from alice.it and libero.it, which are apparently two >> ISPs in Italy. We receive a large number of messages that are rejected >> due to postscreen, but now we have one email address from each domain >> that we need to allow the ability to send to us. >> >> Is there no alternative to creating a postscreen access list that >> permits mail from the /24 for these domains just for these two users, >> then let spamassassin filter the junk? I'd also then have to whitelist >> the users in spamassassin as well. > > The purpose of postscreen is to block spambots regardless of what > email they send. > > You can exclude an entire IP address range with postscreen_access_list, > again, regardless of what email they send. > > For per-recipient exceptions use smtpd_mumble_restrictions or > postfwd.
I haven't been able to find much available on the proper use for smtpd_mumble_restrictions. It doesn't seem to be documented with postscreen or the postconf page or even my postconf output. I'm already excluding entire ranges with a postscreen access list, but as I mentioned, I was hoping to avoid that, because there are only two legitimate users I'm concerned with, and dozens or more messages that would otherwise be spam rejected per day. I'd like to continue to be able to reject outright the spam and only permit messages from these two users. I also understand that organizations use separate IPs from those listed in their MX records -- that was my point. I have no way of knowing what those IPs are, except through trial and error, looking through logs and correlating them with addresses, etc. I realize postscreen is more of a "sender" restriction and I'm really looking for it to do "client" restrictions. Thanks, Alex
