On Wed, May 1, 2013 at 5:14 AM, /dev/rob0 r...@gmx.co.uk wrote:
Here are my current entries:
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
I don't put these permit_* in global restrictions; I only apply them
to submission via -o
On 2013-05-01 07:14:37 -0500, /dev/rob0 wrote:
On Wed, Apr 24, 2013 at 03:44:19PM -0700, Steve Jenkins wrote:
warn_if_reject reject_unknown_reverse_client_hostname,
Safe, because many large receivers do this as well.
That's interesting. Several months ago, I intended to add it, but
On Wed, Apr 24, 2013 at 03:44:19PM -0700, Steve Jenkins wrote:
On Wed, Apr 24, 2013 at 3:15 PM, /dev/rob0 r...@gmx.co.uk wrote:
True, but for all we know they could be preceded by a
check_policy_service or permit_dnswl_client restriction.
Well, in this case they're not (yet?) preceded by
On 2013-04-23 13:23:17 -0500, /dev/rob0 wrote:
Looks very similar to mine, http://rob0.nodns4.us/postscreen.html
Thanks for this example.
BTW, are the deep protocol tests (in addition to the dnsbl tests)
useful in practice? Do you have statistics? Is this mainly for
new zombies that have not
On Tue, Apr 23, 2013 at 12:41 PM, /dev/rob0 r...@gmx.co.uk wrote:
With those restrictions, you could just as well raise the
corresponding postscreen_dnsbl_sites scores to 3 for each. ISTM that
you're missing the point of scoring.
Yes, as I mentioned, Zen and (for most domains) BRBL listings
On 04/24/2013 11:23 PM, Steve Jenkins wrote:
On Tue, Apr 23, 2013 at 12:41 PM, /dev/rob0 r...@gmx.co.uk
mailto:r...@gmx.co.uk wrote:
With those restrictions, you could just as well raise the
corresponding postscreen_dnsbl_sites scores to 3 for each. ISTM that
you're missing the
On Wed, Apr 24, 2013 at 2:27 PM, Jeroen Geilman jer...@adaptr.nl wrote:
These make any deviation in scoring for zen and barracuda in POSTSCREEN
irrelevant.
The reject_rbl_client results are not weighted; they're fail/pass.
I'd just remove them here.
(You still don't have the hang of
On Wed, Apr 24, 2013 at 11:27:41PM +0200, Jeroen Geilman wrote:
On 04/24/2013 11:23 PM, Steve Jenkins wrote:
On Tue, Apr 23, 2013 at 12:41 PM, /dev/rob0 r...@gmx.co.uk:
With those restrictions, you could just as well raise the
corresponding postscreen_dnsbl_sites scores to 3 for
On Wed, Apr 24, 2013 at 3:15 PM, /dev/rob0 r...@gmx.co.uk wrote:
True, but for all we know they could be preceded by a
check_policy_service or permit_dnswl_client restriction.
Well, in this case they're not (yet?) preceded by any of those... but I'm
learning more and more with every piece of
I recently removed TRBLSPAM from my postscreen_dnsbl_sites lists after they
went offline earlier this month (this should be a reminder to do the same
for anyone here who also used them). That got me wondering about what DNSBL
sites others have been successfully using with Postscreen.
Here's my
On Tue, Apr 23, 2013 at 10:42:36AM -0700, Steve Jenkins wrote:
I recently removed TRBLSPAM from my postscreen_dnsbl_sites lists
after they went offline earlier this month (this should be a
reminder to do the same for anyone here who also used them). That
got me wondering about what DNSBL
On Apr 23, 2013, at 19:42, Steve Jenkins stevejenk...@gmail.com wrote:
I recently removed TRBLSPAM from my postscreen_dnsbl_sites lists after they
went offline earlier this month (this should be a reminder to do the same for
anyone here who also used them). That got me wondering about what
On Apr 23, 2013, at 20:23, /dev/rob0 r...@gmx.co.uk wrote:
postscreen_dnsbl_threshold = 3
postscreen_dnsbl_sites =
zen.spamhaus.org*2,
b.barracudacentral.org*2,
dnsbl.mjabl.org,
What? $ whois mjabl.org
On Tue, Apr 23, 2013 at 11:23 AM, /dev/rob0 r...@gmx.co.uk wrote:
Looks very similar to mine, http://rob0.nodns4.us/postscreen.html
postscreen_dnsbl_threshold = 3
postscreen_dnsbl_sites =
zen.spamhaus.org*2,
b.barracudacentral.org*2,
dnsbl.mjabl.org,
What? $
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 04/23/2013 10:42 AM, Steve Jenkins wrote:
This setup has been working pretty well for me, and reduces false
positives by not allowing any single DNSBL to block an incoming
connection without concurrence from at least one other DNSBL.
On Tue, Apr 23, 2013 at 08:59:41PM -0700, David Benfell wrote:
On 04/23/2013 10:42 AM, Steve Jenkins wrote:
This setup has been working pretty well for me, and reduces false
positives by not allowing any single DNSBL to block an incoming
connection without concurrence from at least one
16 matches
Mail list logo
