this is my postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
allow_percent_hack = no
allow_untrusted_routing = yes
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
content_filter = smtp-amavis:[127.0.0.1]:10024
debug_peer_list = 213.97.47.158 192.168.1.4
home_mailbox = Maildir/
inet_interfaces = all
inet_protocols = ipv4
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
mailbox_size_limit = 0
masquerade_domains = almogavers.net
message_size_limit = 102400000
milter_default_action = accept
milter_protocol = 6
mydestination = ns.almogavers.net, localhost.almogavers.net, localhost,
canalonanismo.org, canalonanismo.es, almogavers.net, web.almogavers.net,
active.almogavers.net, 5.39.93.184, 37.187.18.41, 77.224.213.157
myhostname = almogavers.net
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 192.168.1.2
almogavers.net 192.168.1.0/24
mynetworks_style = class
myorigin = /etc/mailname
non_smtpd_milters = inet:localhost:3277
notify_classes = bounce, 2bounce, delay, policy, protocol, resource, software
postscreen_access_list = permit_mynetworks
postscreen_blacklist_action = drop
postscreen_dnsbl_action = enforce
postscreen_dnsbl_reply_map = texthash:/etc/postfix/postscreen_dnsbl_reply
postscreen_dnsbl_sites = cbl.abuseat.org=127.0.0.2*3
b.barracudacentral.org=127.0.0.2*3 bl.spamcop.net=127.0.0.2*2
hostkarma.junkemailfilter.com=127.0.0.2*2
hostkarma.junkemailfilter.com=127.0.0.4*1
dnsbl.sorbs.net=127.0.0.[2;3;4;5;9;10;11;12]*2 dnsbl.sorbs.net=127.0.0.6*3
bl.spameatingmonkey.net=127.0.0.2*2
backscatter.spameatingmonkey.net=127.0.0.1*1 dyna.spamrats.com=127.0.0.2*1
noptr.spamrats.com=127.0.0.2*1 psbl.surriel.com=127.0.0.2*7
dnsbl-2.uceprotect.net*5 dnsbl-1.uceprotect.net*4 dnsbl-3.uceprotect.net*3
all.s5h.net*5 multi.surbl.org*3 bl.nosolicitado.org*3
hostkarma.junkemailfilter.com=127.0.0.[1;5]*-5 ips.whitelisted.org=127.0.0.2*-3
postscreen_dnsbl_threshold = 1
postscreen_dnsbl_ttl = 10m
postscreen_greet_action = enforce
readme_directory = no
recipient_delimiter = +
sender_bcc_maps = hash:/etc/postfix/bcc
sender_dependent_default_transport_maps = hash:/etc/postfix/dependent
smtp_dns_support_level = enabled
smtp_host_lookup = dns
smtp_tls_CApath = /etc/ssl/certs
smtp_tls_loglevel = 1
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_client_restrictions = permit_mynetworks permit_inet_interfaces
permit_tls_all_clientcerts permit_sasl_authenticated check_client_access
hash:/etc/postfix/access reject_rbl_client dnsbl.sorbs.net
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_hard_error_limit = 20
smtpd_helo_restrictions = permit_mynetworks, reject_invalid_hostname, permit
smtpd_milters = inet:localhost:3277
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated
reject_unauth_destination reject_invalid_hostname
reject_unknown_recipient_domain reject_unknown_client_hostname
check_client_access cidr:/etc/postfix/trusted_ips.cidr
reject_unknown_reverse_client_hostname check_policy_service inet:127.0.0.1:10023
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated
defer_unauth_destination permit_inet_interfaces
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_tls_security_options = $smtpd_sasl_security_options
smtpd_sender_restrictions = permit_mynetworks check_client_access
cidr:/etc/postfix/trusted_ips.cidr permit_sasl_authenticated
reject_unknown_sender_domain check_sender_access inline:{ { almogavers.net =
REJECT local sender from unauthorized client } }
smtpd_tls_CAfile = /etc/postfix/postfix.ca.pem
smtpd_tls_CApath = /etc/ssl/certs
smtpd_tls_cert_file = /etc/postfix/postfix.cert.pem
smtpd_tls_key_file = /etc/postfix/postfix.key.pem
smtpd_tls_mandatory_ciphers = high
smtpd_tls_received_header = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
virtual_alias_maps = hash:/etc/postfix/virtual************************************************************************************************* Este mensaje y todos los archivos adjuntos son confidenciales y de uso exclusivo por parte de su/sus destinatario/s. Si usted ha recibido este mensaje por error, le agradecemos que lo notifique inmediatamente al remitente y destruya el mensaje. Queda prohibida cualquier modificación, edición, uso o divulgación no autorizados. El Emisor no se hace responsable de este mensaje si ha sido modificado, distorsionado, falsificado, infectado por un virus o editado o difundido sin autorización. *********************************************************************************************** This message and any attachments are confidential and intended for the named addressee(s) only. If you have received this message in error, please notify immediately the sender, then delete the message. Any unauthorized modification, edition, use or dissemination is prohibited. The sender shall not be liable for this message if it has been modified, altered, falsified, infected by a virus or even edited or disseminated without authorization. *********************************************************************************************** El 04/03/2019 a las 11:03, Francesc Peñalvez escribió:
i use postscreenpostscreen_dnsbl_sites = cbl.abuseat.org=127.0.0.2*3 b.barracudacentral.org=127.0.0.2*3 bl.spamcop.net=127.0.0.2*2 hostkarma.junkemailfilter.com=127.0.0.2*2 hostkarma.junkemailfilter.com=127.0.0.4*1 dnsbl.sorbs.net=127.0.0.[2;3;4;5;9;10$the line does not fit me completely in the ssh client but that's how I have itHow could the whitelist add the ips or google domain?************************************************************************************************* Este mensaje y todos los archivos adjuntos son confidenciales y de uso exclusivo por parte de su/sus destinatario/s. Si usted ha recibido este mensaje por error, le agradecemos que lo notifique inmediatamente al remitente y destruya el mensaje. Queda prohibida cualquier modificación, edición, uso o divulgación no autorizados. El Emisor no se hace responsable de este mensaje si ha sido modificado, distorsionado, falsificado, infectado por un virus oeditado o difundido sin autorización.*********************************************************************************************** This message and any attachments are confidential and intended for the named addressee(s) only. If you have received this message in error, please notify immediately the sender, then delete the message. Any unauthorized modification, edition, use or dissemination is prohibited. The sender shall not be liable for this message if it has been modified, altered, falsified, infectedby a virus or even edited or disseminated without authorization.***********************************************************************************************El 04/03/2019 a las 10:59, Matus UHLAR - fantomas escribió:On 04.03.19 10:55, Francesc Peñalvez wrote:Subject: Is there any way to add whitelist to ranges or ips domains so thatdnsbl are skipped?Gmail has its ips stuck in almost all dnsbl spam and for that reason I do not receive any mail from gmail, I see the rebounds that postfix sends to the administration mail according to the failures of those ips, but no mail arrives from that domainis is possible to whitelist google IP ranges, either at SMTP or postscreenlevel, postscreen only supports whitelisting of IP ranges. how do you use blacklists? I don't understand the rest of your mail.
smime.p7s
Description: Firma criptográfica S/MIME
