/dev/rob0:
> I finally got around to my upgrade to 2.11-20130405 and was watching 
> logs. A gmail message fell afoul of the after-220 tests; each time it 
> came from a different host. Each one got a "PASS NEW" and of course 
> the "450 4.3.2 Service currently unavailable" rejection.
> 
> These gmail outbounds are all listed in list.dnswl.org as 127.0.5.1, 
> and I give that a negative score in my postscreen_dnsbl_sites. So 
> with no offsetting DNSBL scores, these hosts all got a subzero score.
> It would be nice if we could put those whitelist scores to work, and 
> not have to maintain so big of a postscreen_access_list whitelist.

Disabling tests based on DNSWL score would make sense (currently
they "disable" DNSBL tests only). Perhaps this needs a "disable"
flag in the postscreen cache.

        Wietse

Reply via email to