Hello, +1 for this Request for Improvement. I also faced this need. Changing the machine solver was, unfortunately, not an option.
Thanks Marco On Thu, Apr 22, 2021 at 12:21 PM Simon Wilson <[email protected]> wrote: > Is there a way to make Postfix/postscreen use a specific DNS server? > > Reason for the question: > My network has an internal (non-ISP forwarding) DNS server for both > internal and external resolution, and that is default nameserver > across the network including for the mail server. That DNS server > includes a broad set of applied RPZ restrictions (which remove the > vast majority of ads and trackers - a very popular addition). The RPZ > zone has though on very rare occasions resulted in Postfix getting > SERVFAIL and rejecting domains (reject_unknown_sender_domain), which > could be classed as false positives - not for critical emails, but > occasionally for retail mail-outs etc. > > I provide a fully "clean and complete" DNS for spamassassin DNSBL > lookups by running a recursive caching nameserver on-localhost (SA has > an defined option to specify a DNS server). As noted above the mail > server as a whole does not use this - it uses the network-wide local > nameserver, ensuring that it can resolve local As CNAMEs etc as needed. > > Note: I realise one option is that I could probably add local domain > resolution to the localhost nameserver and use it as the default for > the mail server... but my first question is whether postfix has or > could have ability to have a specific nameserver (as Spamassassin > does), or if this would be a Bad Idea (TM) for reasons unknown to me. > > Simon. > > -- > Simon Wilson > M: 0400 12 11 16 > >
