diff options
Diffstat (limited to 'roles/MX/templates/etc/postfix/main.cf.j2')
-rw-r--r-- | roles/MX/templates/etc/postfix/main.cf.j2 | 20 |
1 files changed, 17 insertions, 3 deletions
diff --git a/roles/MX/templates/etc/postfix/main.cf.j2 b/roles/MX/templates/etc/postfix/main.cf.j2 index 476178a..181066a 100644 --- a/roles/MX/templates/etc/postfix/main.cf.j2 +++ b/roles/MX/templates/etc/postfix/main.cf.j2 @@ -123,11 +123,25 @@ unknown_virtual_mailbox_reject_code = 554 unverified_recipient_reject_code = 554 unverified_sender_reject_code = 554 +postscreen_blacklist_action = drop +postscreen_dnsbl_threshold = 3 +postscreen_dnsbl_action = enforce +postscreen_dnsbl_sites = + zen.spamhaus.org*3 + swl.spamhaus.org*-4 + b.barracudacentral.org*2 + bl.spameatingmonkey.net*2 + bl.spamcop.net + dnsbl.sorbs.net + list.dnswl.org=127.[0..255].[0..255].0*-2 + list.dnswl.org=127.[0..255].[0..255].1*-3 + list.dnswl.org=127.[0..255].[0..255].[2..255]*-4 + +postscreen_greet_action = enforce +postscreen_whitelist_interfaces = !88.80.11.28 static:all smtpd_client_restrictions = permit_mynetworks - reject_rbl_client zen.spamhaus.org - reject_rbl_client bl.spamcop.net smtpd_helo_required = yes smtpd_helo_restrictions = @@ -144,7 +158,7 @@ smtpd_recipient_restrictions = permit_mynetworks reject_unauth_destination reject_unlisted_recipient - check_policy_service unix:private/postgrey + permit_dnswl_client list.dnswl.org smtpd_data_restrictions = reject_unauth_pipelining |