The ... was many lines above and below in that file. The output shows 'permit' like expected. I keep forgetting about that very handy postmap -q command for troubleshooting.
This may have been a typ-o I just found. Sorry for the false alarm. I have been trying to bypass dnsbl and rate limiting for SASL authenticated senders and I may have put an invalid option in the postscreen_access_list. I get so much mail that I didn't see the warning: in the logs until now. Is there something like permit_sasl_authenticated that could be put in the postscreen_access_list and the smtpd_client_event_limit_exceptions that could bypass dnsbl and rate limiting for SASL authenticated senders? On Thu, Aug 4, 2016 at 2:13 PM, Wietse Venema <wie...@porcupine.org> wrote: > Dave Jones: >> I have to be overlooking something here but I have tripple >> checked everything and read the documentation multiple >> times. >> >> I am trying to use https://github.com/stevejenkins/postwhite >> to bypass postscreen checks, primarily dnsbl checks. It >> appears that postscreen is not bypassing dnsbl checks: >> >> main.cf >> ======= >> postscreen_access_list = >> permit_mynetworks, >> cidr:/etc/postfix/postscreen_spf_whitelist.cidr >> >> /etc/postfix/postscreen_spf_whitelist.cidr >> =============================== >> ... >> 69.252.207.0/25 permit > > What is in the "...'? > >> Jul 28 07:41:30 mail3 postfix/postscreen[9105]: NOQUEUE: reject >> RCPT from [69.252.207.29]:34789: 550 5.7.1 Service unavailable; >> client [69.252.207.29] blocked using ubl.unsubscore.com; >> from=<graph...@atomicgraphics.biz>, to=<some...@example.com>, >> proto=ESMTP, helo=<comomta-ch2-03v.sys.comcast.net> > > Try: > > postmap -q 69.252.207.29 cidr:/etc/postfix/postscreen_spf_whitelist.cidr > > Wietse
