On Mon, May 13, 2013 at 05:12:49AM -0600, LuKreme wrote: > I have postscreen running well after having it run in non-blocking > mode for awhile, but I continue to see ‘new’ google servers every > day. > > My mailserver is very low volume, so I am afraid that this is a > problem that will never go away as google servers drop-off the > whitelist and then messages hit the postscreen again.
I've been in blocking mode for over two years, most of which had enabled the after-220 tests, and yes, this is an ongoing problem. > Other than disabling postscreen which I’m not going to do, is there > anything I can do to whitelist all the google.com domains? I mean, If only Google is your concern, you can build a whitelist rather easily as other posters point out. > I trust them to be delivering mail that is desired and will aways > pass. Is there a list of the google mail servers that I can add to > the postscreen cidr list and can keep up-to-date easily? All the Google, Facebook, Yahoo, et c. outbounds as well as most ISPs and legitimate bulk mailers are listed in the dnswl.org whitelist. Your best choice is to upgrade to postfix-2.11-20130512 and use the new feature (see Wietse's thread about it yesterday.) Seems to be working here. I've only had 8 "Service currently unavailable" / "PASS NEW" rejections by postscreen since last night, and at least half of those look like zombies. The rest: poorly-run ESPs. -- http://rob0.nodns4.us/ -- system administration and consulting Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
