>Maybe you should post more of your config or intention what you're trying to achieve.
As explained in my first message, I followed this guide : https://poolp.org/posts/2019-09-14/setting-up-a-mail-server-with-opensmtpd-dovecot-and-rspamd/ So I have a domain "example.org", the MX for this domain is "mx1.example.org" with a real user "foo". There is another server "test.example.org" with the same real user. When I send a mail from "[email protected]" to "[email protected]", the message lands into the junk folder of "[email protected]", instead of landing into the inbox. And when I send a message to "[email protected]" from a Gmail account, the mail properly lands into the inbox. This is why I want to put in a white list the FQDN or IP addresses of all the servers of the domain "example.org". Here is the smtpd.conf : ------------------------------------- #========================================================== # Macros. #========================================================== HOST="mx1.example.org" DOMAIN="example.org" #========================================================== # Options. #========================================================== smtp ciphers \ AEAD-AES256-GCM-SHA384:\ AEAD-AES128-GCM-SHA256:\ AEAD-CHACHA20-POLY1305-SHA256:\ ECDHE-RSA-AES256-GCM-SHA384:\ ECDHE-RSA-AES128-GCM-SHA256:\ ECDHE-RSA-CHACHA20-POLY1305 #========================================================== # Tables. #========================================================== table aliases db:/etc/mail/aliases.db #========================================================== # PKI. #========================================================== pki $HOST cert "/etc/ssl/mx1.example.org.crt" pki $HOST key "/etc/ssl/private/mx1.example.org.key" #========================================================== # Filters. #========================================================== filter check_dyndns \ phase connect \ match rdns regex { '.*\.dyn\..*', '.*\.dsl\..*' } \ disconnect "550 no residential connections" filter check_rdns \ phase connect \ match !rdns \ disconnect "550 no rDNS is so 80s" filter check_fcrdns \ phase connect \ match !fcrdns \ disconnect "550 no FCrDNS is so 80s" filter senderscore \ proc-exec "filter-senderscore -blockBelow 10 -junkBelow 70 -slowFactor 5000" filter rspamd \ proc-exec "filter-rspamd" #========================================================== # Listening interfaces. #========================================================== listen on egress inet4 \ tls \ pki $HOST \ filter { check_dyndns, check_rdns, check_fcrdns, senderscore, rspamd } listen on egress inet4 \ port submission \ tls-require \ pki $HOST \ auth \ filter rspamd listen on lo0 inet4 #========================================================== # Actions. #========================================================== action "local_mail" \ maildir "~/.Maildir" junk \ alias <aliases> action "outbound" \ relay \ helo $HOST \ pki $HOST #========================================================== # Matches. #========================================================== match \ from any \ for domain $DOMAIN \ action "local_mail" match \ from local \ for local \ action "local_mail" match \ from any auth \ for any \ action "outbound" match \ from local \ for any \ action "outbound" #========================================================== # End of File. #========================================================== ------------------------------------- Le ven. 4 juin 2021 à 12:01, Pete <[email protected]> a écrit : > > > >It seems that the reality is "Finally, a number of decisions must > >(mandatory) be taken:" > Well sure. A decison has to be made. > > > > filter whitelist \ > > chain { test-rdns , test-fcrdns } \ > > bypass > Is this even valid syntax? AFAIR the decision needs to be specified with > the filter. > > I think it should be something along those lines: > filter "white-rdns" phase connect match rdns <whitelist> bypass > filter "white-fcrdns" phase connect match fcrdns bypass > filter "dnsbl" proc-exec "filter-dnsbl" > filter "inbound" chain { "white-rdns","white-fcrdns","dnsbl" } > > Not sure, what exaclty you are trying to accomplish. > Maybe you should post more of your config or intention what you're trying > to achieve. > > > >
