I have tried to setup a whitelist for some domains, the idea is to have the whitelisted domains bypass RBL and spamassassin checks (ie. deliver everything!).
With the above implemented, I still get RBL checks performed on the whitelist domains. Could this be accomplished by using "check_recipient_access" in the "smtpd_sender_restrictions" stanza? I have setup a "all_spam_to" for these domains in spamassassin but it would be nice if I can bypass it all together for the domains in question, although my main concern is bypassing RBLs
Also my thoughts are it might be redundant having "reject_rbl_client" and "reject_rhsbl_sender" under "smtpd_recipient_restrictions" - can anyone comment?
Thanks for your time, appreciate it
> Hi Folks
> I have tried to setup a whitelist for some domains, the idea is to have
> the whitelisted domains bypass RBL and spamassassin checks (ie. deliver
> smtpd_recipient_restrictions =
> reject_rbl_client zen.spamhaus.org,
> reject_rbl_client dnsbl.njabl.org,
> reject_rhsbl_sender dsn.rfc-ignorant.org,
> domain1.com OK
> domain2.com OK
> With the above implemented, I still get RBL checks performed on the
> whitelist domains.
You need to show your "postconf -n" output, as requested. The
above config will not perform any RBL checks.
allow authorized users.
allow any domain this server is responsible for
the only mail left at this point is unauthorized relay
attempts - normally a very small fraction of mail.
These unauthorized attempts will be blocked by
reject_unauth_destination. Nothing below that will ever be
You can use a check_recipient_access map prior to RBL checks
to bypass the RBL restrictions, but you cannot use this method
to bypass a content_filter.
To bypass a content_filter completely, you need two separate
postfix instances, each with its own queue and config
directory. Then you can use transport_maps to route mail to
either the content filter or the second postfix instance.
It's often easier to use a content filter that supports
> Could this be accomplished by using
> "check_recipient_access" in the "smtpd_sender_restrictions" stanza? I
> have setup a "all_spam_to" for these domains in spamassassin but it
> would be nice if I can bypass it all together for the domains in
> question, although my main concern is bypassing RBLs
> Also my thoughts are it might be redundant having "reject_rbl_client"
> and "reject_rhsbl_sender" under "smtpd_recipient_restrictions" - can
> anyone comment?
It's redundant to have any restriction listed more than once.
It's common to list all restrictions under
smtpd_recipient_restrictions so you can easily see the order
they are performed in, and so you only have to whitelist once.
# basic main.cf config
... local whitelists ...
... local blacklists ...
... local UCE checks (RBLs etc.) ...
> Thanks for your time, appreciate it
|Free forum by Nabble||Edit this page|