>>> Use a dns white list with a negative score in the >>> postscreen_dnsbl_sites, and set a negative value for >>> postscreen_dnsbl_whitelist_threshold. Simple example: >>> # main.cf >>> postscreen_dnsbl_sites = zen.spamhaus.org list.dnswl.org*-1 >>> postscreen_dnsbl_whitelist_threshold = -1 >> >> I've added the following to main.cf: >> >> postscreen_dnsbl_sites = list.dnswl.org*-1 >> postscreen_dnsbl_whitelist_threshold = -1 >> >> Thank you for your help! > > Yes, that should whitelist known good sites from deep inspection, > certainly all the big mailers such as google, yahoo, comcast, etc. > > However, I wonder why you don't have any dns blacklists such as > zen.spamhaus.org defined there. The ability of postscreen to reject > known bad sites without using precious smtpd processes is one of its > key features.
I would just rather have a false negative than a false positive. I get a pretty small amount of spam at this point so I don't think reducing it further is worth increasing the chances of a false positive. - Grant
