Hi all, We have installed postscreen on our mail servers, with a table lookup to a postgres database. The lookup also records the client details (IP address), and we have a basic Java front end with lookups to maxmind to get location information. The tools allows us to block by CIDR, and monitor connection over time to identify various forms of attacks. It has been an eye opener. For reference, we also record mail from: and perform the usual checks after rcpt to:, and the mail from is checked against a whitelist in the same database which is also managed by our end users.
However, I would like to have the option to delay the rejection by capturing mail from/rcpt to, but there seems not be a a suitable config entry, the closest I have found is “check_client_a_access", but this option perform a check of the IP of the host, but I would like to have a table lookup akin to “check_client_ip_address” for consistency with the current connection. Hopes this makes sense, and some help is greatly appreciated. Our reference installation has been updated to the 3.3.1, from source on a centos system. Thank you. Kind regards, Hans E.
