On Tue, Apr 12, 2016 at 4:30 AM, @lbutlr <[email protected]> wrote: > > > On Apr 10, 2016, at 5:37 PM, Curtis Villamizar <[email protected]> > wrote: > > > > In message <[email protected]> > > "@lbutlr" writes: > >> > >> On Apr 10, 2016, at 10:24 AM, Curtis Villamizar = > >> <[email protected]> wrote: > >>> postscreen_dnsbl_sites =3D > >>> list.dnswl.org*-5 > >>> # followed by some blacklist sites > >> > >> It was my understanding that eh the order of test said not matter > >> because all the dnsbls listed would be checked, a final score > >> computed, and then that compound number passed along to postscreen. > > > > Nobody ever said there was an order dependence. > > “Followed by” does imply that order may be significant. > > > > > btw- I don't think list.dnswl.org is a viable workaround for the post > > 220 problem. This just affects the dnsbl score which would already be > > zero. The post 220 checks would still be run before putting the gmail > > server IP into the temporary whitelist. Manual maintenance of > > postscreen_access is the only thing that would work. > > Isn’t it that if an IP hasn’t been seen and scores 0 postscreeen sends a > temporary failure, so scoring it negative means it gets an immediate pass? > > I know that enabling post screen and dnswl stopped the issues with large > mailers on my system.
Curtis: +1 to the suggestion of properly using dnswl.org. But if you'd also like to automatically scan the SPF records of mailers you trust (including Gmail) and build an up-to-date Postscreen whitelist based on their published SMTP servers, then Postwhite maybe of interest to you: http://www.stevejenkins.com/blog/2015/11/postscreen-whitelisting-smtp-outbound-ip-addresses-large-webmail-providers/ SteveJ
