On Dec 6, 2011 7:19 AM, "Grant" <emailgr...@gmail.com> wrote: > > > Here's the entirety of my main.cf postscreen section for reference. I've > > deemed these safe, but you shouldn't enable them without reading what they > > do! > > > > > > # > > # Postscreen settings > > # > > > > postscreen_greet_action = enforce > > > > postscreen_dnsbl_sites = > > psbl.surriel.com, > > bl.spamcop.net, > > zen.spamhaus.org, > > b.barracudacentral.org > > > > postscreen_dnsbl_threshold = 1 > > postscreen_dnsbl_action = enforce > > > > > > ## > > ## Deep protocol tests > > ## > > > > postscreen_pipelining_enable = yes > > postscreen_pipelining_action = enforce > > > > postscreen_non_smtp_command_enable = yes > > postscreen_non_smtp_command_action = enforce > > > > postscreen_bare_newline_enable = yes > > postscreen_bare_newline_action = enforce > > I've looked up each of those parameters and they sound fine to me. > How long have you been running them? Have you been notified of any > mistakenly rejected mail? It's very important my server doesn't miss > any mail, even if it means dealing with more spam. >
Similar situation with me. Because my company is in the financial sector, false negatives are much more preferred than false positives. (Although I can always weasel my way out of any problems caused by slight configuration mistakes, I prefer not having to put myself into a situation where weasel-ing is needed :-) Rgds,