On 13.08.18 21:36, Danny Horne wrote:
I'm trying out Postscreen after having used Postgrey for some time. The reason for the switch is that Postgrey can cause emails from Google etc. to take a long time to come through due to the large number of IP addresses they use (and I don't want to whitelist the GMail addresses).
you can safely whitelist gmail addresses at postgrey level, as long as on postscreen level. note that both are designed to avoid spambots, which gmail servers are not. you just must/should not white those two at other levels (postfix, spamassassin etc).
Here's the changes I've made, they're all default from the manual, and I include the Postscreen logs, I was expecting more, but had been receiving emails from the same GMail address so it was possibly already whitelisted. Note: These are only the changes I've made.
master.cf smtp inet n - n - 1 postscreen smtpd pass - - n - - smtpd dnsblog unix - - n - 0 dnsblog tlsproxy unix - - n - 0 tlsproxy main.cf postscreen_access_list = permit_mynetworks postscreen_dnsbl_threshold = 2 postscreen_dnsbl_sites = zen.spamhaus.org*2 bl.spamcop.net*1 b.barracudacentral.org*1 postscreen_dnsbl_action = enforce postscreen_greet_action = enforce Logs Aug 13 21:24:10 kepler postfix/postscreen[12013]: CONNECT from [2a00:1450:4864:20::529]:38530 to [2001:41d0:2:25a6:2::1]:25 Aug 13 21:24:16 kepler postfix/postscreen[12013]: PASS NEW [2a00:1450:4864:20::529]:38530
so, what is the problem? Note that bost DNS blacklist/whitelists don't list ipv6 addresses. Unhless the 2a00:1450:4864:20::529 sends pregreet text, there's no need to block it. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. I don't have lysdexia. The Dog wouldn't allow that.
