Am 18.01.2015 um 00:00 schrieb Eugene R:
-----Original Message----- From: li...@rhsoft.net
Sent: Saturday, January 17, 2015 7:29 AM
> Actually the set I have is surprisingly effective and also surprisingly
> good in keeping FPs low -- much, much better than anything I saw
from SA
> and DSPAM, and with virtually no server or management overhead. That's
> why I only want a controlled workaround for misconfigured senders
just setup "rbldnsd" and use "permit_dnswl_client" with your own
whitelist, that way you can even create different return values of
your whitelist and place them to override different stages of your
restricitions by trust-levels
Actually access maps can be used for whitelists, should be easier
but can be forged, everybody can use any envelope as long the sending
domain don't use SPF *and* the RCPT server don't check SPF records
you can't fake a TCP source address the same way
so if you use access maps i only need to guess which senders bypass your
restrictions adn just use them as envelope
But in my scenario, the problem senders are not known in advance and cannot
be predicted
then you can simply not use restrictions which are producing false
positives in your environment
