Here's a proposed diff for the POSTSCREEN_README:

rob0@harrier:~/stuff/postscreen.dnswl$ diff -Nru POSTSCREEN_README*
--- POSTSCREEN_README   2013-04-12 03:34:16.000000000 +0000
+++ POSTSCREEN_README.new       2013-04-24 21:04:06.155395154 +0000
@@ -245,6 +245,7 @@

   * Pregreet test
   * DNS White/blacklist test
+    * Skipping other tests for whitelisted clients
   * When tests fail before the 220 SMTP server greeting

 Pregreet test
@@ -315,6 +316,17 @@
 the combined DNSBL score is equal to or greater than the threshold. See "When
 tests fail before the 220 SMTP server greeting" below.

+Skipping other tests for whitelisted clients
+
+The postscreen_skip_tests parameter lists the short names of tests which will
+be skipped if a client's combined DNSBL score is less than or equal to
+postscreen_skip_tests_threshold. This only makes sense when using whitelists
+with negative weights in the postscreen_dnsbl_sites list.
+
+The tests which can be skipped are all but the DNSBL test itself. The default
+is to perform the blacklist and MX policy tests, but skip the greet test and
+all the "deep protocol" tests, described below.
+
 When tests fail before the 220 SMTP server greeting

 When the client address matches the permanent blacklist, or when the client
@@ -612,6 +624,7 @@
         postscreen_dnsbl_threshold = 2
         postscreen_dnsbl_sites = zen.spamhaus.org*2
             bl.spamcop.net*1 b.barracudacentral.org*1
+            list.dnswl.org*-1 swl.spamhaus.org*-1

     Note: if your DNSBL queries have a "secret" in the domain name, you must
     censor this information from the postscreen(8) SMTP replies. For example:
-- 
  http://rob0.nodns4.us/ -- system administration and consulting
  Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:

Reply via email to