Am 29.07.2016 um 19:12 schrieb @lbutlr:
On 29 Jul 2016, at 09:20, sha...@shanew.net wrote:I would generalize that even more to say that greylisting should come before any other content-based filtering (virus scanners, defanging, etc.).Greylisting is a great idea, in theory. In practice there are so many large emailers who can’t do email properly that is causes more trouble than it prevents.
that's why "smtpd_recipient_restrictions" works from top to bottom - just look at which position it's here and that works perfectly when you run SA whithin a *milter* because permit-actions for other restricitons classes don't skip milters
smtpd_recipient_restrictions = permit_dnswl_client wl.mailspike.net permit_dnswl_client list.dnswl.org] permit_dnswl_client hostkarma.junkemailfilter.com=127.0.0.[1;3;5] permit_dnswl_client bl.nszones.com=127.0.0.5 permit_dnswl_client score.senderscore.com=127.0.4.[80..100] permit_dnswl_client iadb.isipp.com permit_dnswl_client sa-accredit.habeas.com permit_dnswl_client dnswl.inps.de=127.0.[0;1].[2..10] permit_dnswl_client swl.spamhaus.org=127.0.2.[2;3;102;103] ${stress?sleep 0}${stress: sleep 2} check_policy_service unix:/var/spool/postfix/postgrey/socket reject_unverified_sender
signature.asc
Description: OpenPGP digital signature