PGNet Dev: > I've got a legitimate sender, FedEx, sending expected, automated emails, > that's got a missing RDNS PTR record on their sending host. For my config, > Postfix currently rejects is with a 450: > > Apr 1 16:22:11 mx postfix/postscreen-internal/smtpd[4947]: NOQUEUE: > reject: RCPT from pvma00055.prod.fedex.com[204.135.8.96]: 450 4.1.8 > <prvs=799449d577=w...@edc-widmapp.prod.cloud.fedex.com>: Sender address > rejected: Domain not found; > from=<prvs=799449d577=w...@edc-widmapp.prod.cloud.fedex.com> > to=<u...@example.com> proto=ESMTP helo=<mx26.infosec.fedex.com> > > I'd like to reject instead with a 550 (or whatever's the appropriate, but > 'permanent' smtp code) -- but _only_ for FedEx servers in their > '*.prod.cloud.fedex.com' subdomains; other errant senders/domains should > still use the 450 default. > > I know it's possible; what's the recommended approach here? > A map of some sort, I'm guessing -- what's the correct restriction to use, > and syntax for spec'ing the 550 usage? >
smtpd_mumble_restrictions = ... reject_unauth_destination inline:{fedex.com=OK} reject_unknown_sender_domain ... Wietse