Mark Alan:
> It did not imagine that it would be so difficult to configure
> postscreen/postfix to achieve such a simple specification.
The hardest part of support on this mailing list is
to get a precise spec that does not conflict with itself.
Once we have that, configuration is not hard at all.
# postconf -n|grep postscreen
postscreen_access_list = static:reject
postscreen_blacklist_action = enforce
postscreen_greet_banner =
# telnet 127.0.0.1 smtp
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 foo.example.com ESMTP Postfix
ehlo foo
250-foo.example.com
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from:<me>
250 2.1.0 Ok
rcpt to:<you>
450 4.3.2 Service currently unavailable
You complained that Postfix would engage into STARTTLS, but that
is a requirement if you want it to reject mail EXACTLY as if
postscreen talks to a stranger.
Wietse
