After travel and several deadlines I started work this weekend on
the idea to allow SMTP clients to skip postscreen tests based on
their postscreen_dnsbl_sites score.
This required a little code reorganization (for the better) so that
I could whitelist tests thusly:
for (n = 0; n < TESTCOUNT; n++)
if test[n] not already completed
mark test[n] as completed
This code reorganization allowed me to clean up parts of postscreen
and replace N almost-identical blocks of code with a loop.
I simplified the user interface. Below is a draft manpage.
Wietse
postscreen_dnsbl_whitelist_threshold (default: 0)
The inclusive upper bound for whitelisting a remote SMTP client, based
on its combined DNSBL score as defined with the postscreen_dnsbl_sites
parameter. This allows a client to skip the pregreet test and the
"after 220 greeting" protocol tests.
Specify a negative value to enable this feature. When a client passes
the postscreen_dnsbl_whitelist_threshold without having failed other
tests, all pending tests are flagged as completed with a time-to-live
value equal to postscreen_dnsbl_ttl. When a test was already com-
pleted, its time-to-live value is updated if it was less than
postscreen_dnsbl_ttl.
This feature is available in Postfix 2.11.
