On Tue, May 14, 2013 at 8:33 AM, /dev/rob0 <r...@gmx.co.uk> wrote: > On Tue, May 14, 2013 at 07:49:50AM -0700, Steve Jenkins wrote: > > smtpd_recipient_restrictions = > > reject_invalid_helo_hostname, > > warn_if_reject reject_non_fqdn_helo_hostname, > > reject_unknown_reverse_client_hostname, > > warn_if_reject reject_unknown_helo_hostname, > > check_reverse_client_hostname_access > pcre:/etc/postfix/fqrdns.pcre, > > check_helo_access hash:/etc/postfix/helo_access, > > check_sender_access hash:/etc/postfix/sender_access, > > reject_rbl_client zen.spamhaus.org, > > reject_rhsbl_client dbl.spamhaus.org, > > reject_rhsbl_sender dbl.spamhaus.org, > > reject_rhsbl_helo dbl.spamhaus.org, > > permit_dnswl_client list.dnswl.org=127.0.[0..255].[1..3], > > permit > > The last two lines are no-op. If you have anything you want to be > subjected to the list.dnswl.org whitelist, put it after the > permit_dnswl_client. If not, there is no point in querying it.
Excellent point. If the next step is going to "permit" anyway, then no use in the extra query. I've moved the dnswl.org line up so that it's just above the three "local" check_* lines. SteveJ
