Below is a quote from the release notes on new filter and weight
support for postscreen DNSBL lookup results.
I suppose that next will be a dummy SMTP engine (similar to smtp-sink)
that can log client/helo/sender/recipient information for blocked
sessions.
I've been testing the new code today and plan to change it into a
regular snapshot release later this week.
Wietse
Major changes with snapshot 20100829-nonprod
============================================
Postscreen DNSBL support is extended with optional fixed-string
filters, with optional integral weight factors, and with an adjustable
threshold to block SMTP clients whose combined DNSBL score is >=
a threshold. Support for wild-card patterns will be added later.
The updated postscreen configuration syntax is:
postscreen_dnsbl_sites = domain[=ipaddr][*weight] ...
postscreen_dnsbl_threshold = score
Where ipaddr is an IPv4 address, and weight and score are integral
numbers. By default, weight and score are equal to 1. Use a negative
weight value for whitelisting.
To use example.com as a high-confidence blocklist, and to block
mail with example.net and example.org only when both agree, use:
postscreen_dnsbl_threshold = 2
postscreen_dnsbl_sites = example.com*2, example.net, example.org
To filter only DNSBL replies containing 127.0.0.4, use:
postscreen_dnsbl_sites = example.com=127.0.0.4
