On 12/8/2011 2:17 PM, Peter L. Berghold wrote: > smtpd_recipient_restrictions = > permit_mynetworks, > permit_auth_destination, This restriction at this location will IGNORE all RBL lookups when mail is destined for your system. I suggest removing it as it is implied if reject_unauth_destination fails to reject.
> reject_unauth_destination, > check_sender_access hash:/etc/postfix/access, > permit_sasl_authenticated, This placement of permit_sasl_authenticated will only skip checks below it. Is this what you intend? > reject_unauth_pipelining, > reject_non_fqdn_sender, > reject_non_fqdn_recipient, > reject_unknown_recipient_domain, > reject_unkown_helo_hostname, > reject_invalid_hostname, > reject_unknown_hostname, > reject_rbl_client blackholes.easynet.nl, > reject_rbl_client bl.spamcop.net, > reject_rbl_client cbl.abuseat.org, > reject_rbl_client cbl.abuseat.org, Listing an RBL twice won't increase the chance of it being caught. > reject_rbl_client dnsbl.njabl.org, > reject_rbl_client dul.dnsbl.sorbs.net, > reject_rbl_client hostkarma.junkemailfilter.com=127.0.0.2, > reject_rbl_client list.dsbl.org, > reject_rbl_client list.dsbl.org, Ditto on last comment, plus dsbl.org has been dead a while > reject_rbl_client multihop.dsbl.org, > reject_rbl_client opm.blitzed.org, > reject_rbl_client sbl.spamhaus.org, > reject_rbl_client sbl-xbl.spamhaus.org, > permit Permit at then end is harmless as it is also implied if all others pass. Suggest reviewing all RBLs. Some are dead, and some can be combined. zen.spamhaus.org will include (sbl|xbl|pbl).spamhaus.org xbl.spamhaus.org includes cbl.abuseat.org Brian
