You could build a cidr file (say /etc/postfix/postscreen_access.cidr)
to whitelist gmail servers with the output from:

dig +short _spf.google.com TXT |
  awk '{for (f=1; f<=NF; f++) {if (substr($f,1,8)=="include:") print substr($f,9)}}' |
  xargs -I {} dig +short {} TXT |
  awk '{for (f=1; f<=NF; f++) {if (substr($f,1,4)=="ip4:") print substr($f,5)" PERMIT"}}'

(sorry for any line breaks, this is plain text mail)

and then use something like this:
postscreen_access_list = cidr:/etc/postfix/postscreen_access.cidr

But it seems to me that if your dnsbl settings are blocking all gmail
you should fix your dnsbl settings rather than use a sticking plaster.
Your present settings look too aggressive, and you don't seem to be
using zen.spamhaus.org which IMO is the best (and some people think is
the only one worth bothering with).

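An added example, not part of the original message: the same SPF-to-cidr generation split into functions, extended beyond the message's one-liner to cover ip6: mechanisms, drop malformed tokens, and refuse to overwrite the list when the lookup returns nothing. The function names are hypothetical and the sample records are constructed from documentation address ranges.

```shell
#!/bin/sh
# Added example (not from the original message). Function names are hypothetical.

# Constructed sample shaped like `dig +short <name> TXT` output; the networks
# are documentation ranges, not real Google ones.
SAMPLE_TXT='"v=spf1 ip4:192.0.2.0/24 ip4:198.51.100.0/25 ip6:2001:db8::/32 ~all"
"v=spf1 ip4:192.0.2.0/24 ip4:not-an-address include:example.net -all"'

# fetch_spf_txt NAME: the message's two-step lookup (needs network and dig).
# Prints the TXT records of every include: target of NAME.
fetch_spf_txt() {
    dig +short "$1" TXT | tr -d '"' | tr -s '[:space:]' '\n' |
        sed -n 's/^include://p' | xargs -I {} dig +short {} TXT
}

# spf_to_cidr: read TXT record text on stdin, print one "<network> permit"
# line per ip4:/ip6: mechanism. The patterns are a syntax check only; tokens
# that do not look like an address (or address/prefix) are dropped.
spf_to_cidr() {
    tr -d '"' | tr -s '[:space:]' '\n' |
        sed -n -E \
            -e 's/^ip4:([0-9]{1,3}(\.[0-9]{1,3}){3}(\/[0-9]{1,2})?)$/\1 permit/p' \
            -e 's/^ip6:([0-9A-Fa-f:]+(\/[0-9]{1,3})?)$/\1 permit/p' |
        LC_ALL=C sort -u
}

# update_cidr_file TARGET: read generated lines on stdin and replace TARGET
# only if at least one entry arrived, so a failed DNS lookup cannot leave an
# empty list behind. Returns 1 and keeps the old file otherwise.
update_cidr_file() {
    target=$1
    tmp=$(mktemp "${target}.XXXXXX") || return 1
    cat > "$tmp"
    if [ ! -s "$tmp" ]; then
        rm -f "$tmp"
        echo "no SPF networks found, keeping existing $target" >&2
        return 1
    fi
    chmod 644 "$tmp" && mv "$tmp" "$target"
}

# Live use (commented out so the file can be sourced offline):
# fetch_spf_txt _spf.google.com | spf_to_cidr |
#     update_cidr_file /etc/postfix/postscreen_access.cidr
```

After the file changes, run `postfix reload` so postscreen rereads the cidr table.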