On Thu, Jul 21, 2016 at 10:09 AM, Lefteris Tsintjelis <le...@spes.gr> wrote:
> On 21 Jul 2016, at 18:58, Steve Jenkins <st...@stevejenkins.com> wrote: > > > If you're looking into Postscreen whitelisting, you might consider > including Postwhite in your solution: > > > http://www.stevejenkins.com/blog/2015/11/postscreen-whitelisting-smtp-outbound-ip-addresses-large-webmail-providers/ > > It helps you whitelist trusted senders' known SMTP IP addresses based on > their published SPF records. You can choose which mailers to whitelist and > add easily your own. > > > This is a CIDR based access list > Postwhite handles CIDR and individual IP addresses, and formats them properly for Postscreen. > and you have to know the IP but Gmail for example changes often so > something like ".google.com accept” or “.hotmail.com reject” would make > life much much easier. > You're right -- Gmail (and others) change their IP addresses often... so I'm going to guess you didn't make it to the part of the article that says "I also recommend creating a cron job to refresh your whitelist with updated queries every week." Actually, Postwhite is lightweight enough to be run daily (or even multiple times per day) to update your Postscreen whitelist, if you're concerned with super-freshness. If the blog post was too much reading, just skip right to the GitHub project for it: https://github.com/stevejenkins/postwhite What you're asking for doesn't exist currently in Postscreen, and it's not likely it will any time soon (if ever). Your best approach is to combine dnswl whitelisting with Postwhite. It's literally a 5 minute job that will "make life much much easier." :) SteveJ
