Hi i am not 100% if the proposed setup below works in a way the "permit_dnswl_client" in the client restrictions not override the rejects in sender_restrictions or should i better use the second version below with all combined
blacklists are planned with scoring and postscreen machine will be inbound only and the idea is to have 4 internal DNS whitelists with different weight also used in postscreen and if i find a way to generate spamassasin configs respecting the listed IP's and CIDR-Ranges backed in a database to have them as centralized solution on the whole system _________________________________________________________________ smtpd_client_restrictions = permit_mynetworks permit_dnswl_client dnswl-unconditional.example.com permit_dnswl_client dnswl-high.example.com reject_unknown_reverse_client_hostname permit_dnswl_client dnswl-medium.example.com check_client_access proxy:regexp:/etc/postfix/spam-ptr.cf smtpd_recipient_restrictions = permit_mynetworks reject_non_fqdn_recipient reject_non_fqdn_sender reject_unauth_destination reject_unauth_pipelining reject_unknown_sender_domain reject_unknown_recipient_domain permit_dnswl_client dnswl-unconditional.example.com permit_dnswl_client dnswl-high.example.com permit_dnswl_client dnswl-medium.example.com permit_dnswl_client dnswl-low.example.com check_policy_service unix:private/spf-policy smtpd_relay_restrictions = reject _________________________________________________________________ smtpd_recipient_restrictions = permit_mynetworks reject_non_fqdn_recipient reject_non_fqdn_sender reject_unauth_destination reject_unauth_pipelining reject_unknown_sender_domain reject_unknown_recipient_domain permit_dnswl_client dnswl-unconditional.example.com permit_dnswl_client dnswl-high.example.com reject_unknown_reverse_client_hostname permit_dnswl_client dnswl-medium.example.com check_client_access proxy:regexp:/etc/postfix/spam-ptr.cf permit_dnswl_client dnswl-low.example.com check_policy_service unix:private/spf-policy smtpd_relay_restrictions = reject _________________________________________________________________ thanks for feedback!
