Hello again,
I discovered possibility of milters. So I have created a milter that
performs the restriction I wanted. If someone would be interested, it
is here:
https://github.com/mjiricka/MailFrom_DNSBL_Milter
So far results are as expected – all spam filtered, zero false-positives! :)
Martin
> What I was trying to say is that (if there was 1 A record per domain), the
> number of spamhaus lookups would increase two times.
> If you check MX records, number of lookups can increase even more.
I am afraid I still do not understand how you count it :-( But it does
not matter, thank you very
> It seems natural (for me at least) to introduce a new map type
> dnsbl: that maps those IP addresses to an action.
That would be amazing! If I get it right this would also deprecate
e.g. `reject_rhsbl_client` and `reject_rbl_client`. As a Postfix
novice I would appreciate the reduction of config
> I'm not talking about DNS lookups, but about DNSBL lookups.
Yes, I did interchanged them, pardon.
> You ask each dnsbl for client IP, now you will ask them for each A or MX
> record. That means, number of DNSBL lookups will increase ad least two times
> (for each dnsbl you already query).
Hmm,
> Did you mean: reject_rhsbl_sender (i.e. reject the sender domain)?
> That already exists.
The `reject_rhsbl_sender` checks whether MAIL FROM domain is listed
under rbl_domain. And I would like to have `reject_rbl_sender` that
would check whether reversed sender domain is listed under rbl_domain.
> Doing it on MX would require dnsbl lookups for each MX server in all
> received mail.
> That would massively increase amount of dnsbl lookups.
I do not know if I would call it "massively". I already do
`reject_unknown_client_hostname` check and 4 other dnsbl lookups. So I
would do another 2 in a
i-spam setting would be filtered with such restriction according
sender domain. Maybe it is more problem of Spamhaus and its list
synchronization, I do not know.
Or is there any fundamental reason why rejecting emails according
sender's domain IP is not a good idea?
My best wishes,
Martin Jiřička
