On 2023-11-05 15:41, Matus UHLAR - fantomas via Postfix-users wrote:
Jesper Dybdal via Postfix-users skrev den 2023-11-05 13:48:
To avoid using a public name server for DNSBL lookups, I would like
the DNSBL checks to be done using only the name server running on
localhost.
But I would like the rest of the system to have for instance Google
as a secondary name server.
On 05.11.23 15:12, Benny Pedersen via Postfix-users wrote:
its more simple to let postfix use /etc/resolver.conf as is, and then
let spam filter use loopback ips only
spamassassin local.cf:
this does not apply for checks done in postfix.
Thanks for your responses.
As Matus writes, it will for instance not influence reject_rbl_client
restrictions.
Meanwhile, I got another idea: let resolv.conf contain localhost + (say)
8.8.8.8, and make a firewall rule that blocks connections to 8.8.8.8
when issued by userid postfix or amavis. Then I won't have to mess with
Debian's copying of resolv.conf. Is there any real disadvantage in that
(assuming that localhost's name server is almost always available)?
--
Jesper Dybdal
https://www.dybdal.dk
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org