>Eesh, >1) 17k per day >2) 8k per day > >These will be fun to wade through, any immediate suggestions for anything >that will definitely need whitelisting?
the unverifiable wcounts will be usually big, even huge, since postfix rejects with 4xx, and the other server will retry each msg repeatedly. the undeliverable are rejected with 5xx, so one try, done. most legit mail servers that fail SAV do it "unverifiable" and have a PTR, and the PTR, sender.domain, and helo domain all match. you can make two list into 4 by adding this pipe | egrep -iv "from unknown\[" | egrep -i "from unknown\[" that cuts them into lists with/without PTR so the list that you want to suspect as having whitelist candidates is 1) has PTR 2) SAV reject as unverifiable next would be 1) has no PTR 2) SAV reject as unverifiable I have had to whitelist only one time a dork's send-only list server where the list msgs were from [EMAIL PROTECTED], and the MX for domain.com said nobody was a bad user, ie, undeliverable, rather than sending from [EMAIL PROTECTED] and where nowhere.domain.com purposely had neither A nor MX, so no machine was contactable for verification, leaving nobody as unverifiable sender. This is the tactic with most legit send-only servers. Len
