Saturday, April 29, 2023, 5:40:19 PM, Ken Peng via Postfix-users wrote: > Hello
> When I enabled postscreen, why even gmail's sender IP was greylisted? > The log says: > Apr 29 15:35:35 mxin postfix/postscreen[59408]: NOQUEUE: reject: RCPT from > [209.85.160.53]:50219: 450 4.3.2 Service currently unavailable; > from=<x...@gmail.com>, to=<k...@posthub.me>, proto=ESMTP, > helo=<mail-oa1-f53.google.com> > And this is my configuration for postscreen: > # postscreen > postscreen_access_list = permit_mynetworks > cidr:/etc/postfix/postscreen_access.cidr > postscreen_blacklist_action = drop > postscreen_greet_action = enforce > postscreen_dnsbl_threshold = 2 > postscreen_dnsbl_action = enforce > postscreen_dnsbl_sites = zen.spamhaus.org*2 > postscreen_dnsbl_whitelist_threshold = -2 > # postscreen protocol test > postscreen_pipelining_enable = yes > postscreen_pipelining_action = enforce > postscreen_non_smtp_command_enable = yes > postscreen_non_smtp_command_action = enforce > postscreen_bare_newline_enable = yes > postscreen_bare_newline_action = enforce > Thank you > Ken > _______________________________________________ > Postfix-users mailing list -- postfix-users@postfix.org > To unsubscribe send an email to postfix-users-le...@postfix.org I'm not sure if these things will solve your problem with gmail but... You don't need the things listed in your "# postscreen protocol test" block. See the lines in the README that say: "This test is opportunistically enabled when postscreen(8) has to use the built-in SMTP engine anyway. This is to make postscreen(8) logging more informative." You should have: postscreen_dnsbl_whitelist_threshold = -1 (not -2) -- Cheers, Phil _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org