LuKreme a écrit : > I have the following in my main.cf: > > <<MAINCF > #smtpd_reject_unlisted_sender = yes > mime_header_checks = pcre:$config_directory/mime_headers.pcre > smtpd_restriction_classes = check_greylist > check_greylist = check_policy_service inet:127.0.0.1:10023 > > MAINCF > > (there are no leading spaces or stray ,'s, I pasted the lines exactly > in, including the following blank line.) > > but when I look at postconf, the "check_greylist =" does not show up. > > $ postconf -n | grep grey > smtpd_restriction_classes = check_greylist > $ > > Is that simply because the check_greylist directive is, itself, > nonstandard and so not shown by postconf -n?
yes, this is a known limitation of postconf. it only supports "knwon" parameters. so you can't do # postconf -e "joe=blah" use a script if you need more. > > The reason I ask is that when a message is greylisted, it still 'goes > on' in the log to hit the RBL check. > this is because your policy server returns defer_if_permit. this is the "standard" result, and the "standard" setup is to call the policy server after other checks. The idea is that there is no reason to greylist a host that you can reject. if you really want to do things differently, then you need to change the results returned by your policy server. but then your stats, verifications, ... will be harder. > postfix/smtpd[68116]: connect from unknown[173.45.143.3] > postgrey[948]: action=greylist, reason=new, client_name=unknown, > client_address=173.45.143.3, sender=spam...@kintopuzi.com.example.org, > recipient=u...@example.com > postfix/smtpd[68116]: NOQUEUE: reject: RCPT from unknown[173.45.143.3]: > 554 5.7.1 Service unavailable; Client host [173.45.143.3] blocked using > zen.spamhaus.org; http://www.spamhaus.org/SBL/sbl.lasso?query=SBL75567; > from=<alifechangingev...@kintopuzi.com> to=<r...@broadway-terrace.com> > proto=SMTP helo=<mx2.kintopuzi.com.example.org> > postfix/smtpd[68116]: disconnect from unknown[173.45.143.3] >
