> > Don't enable the "after 220" tests, or wait until whitelisting
> > is stable. Given that Google has many servers, manual whitelisting
> > is not a long-term solution.
> After looking at my log files I?ve disabled all the ?after 220?
> test for now. Looking forward to the stable whitelisting support
> in the 2.11 when that?s released.
postscreen 2.11 DNS-based whitelisting is finished. It also eliminates
most of the postscreen_greet_wait delay for whitelisted sites.
My settings are relatively generous, but they don't have to stop
all spam. I still rely on smtpd_mumble_restrictions and so on.
postscreen_dnsbl_action = enforce
postscreen_dnsbl_sites = zen.spamhaus.org*2 bl.spamcop.net*1
postscreen_dnsbl_threshold = 2
postscreen_dnsbl_ttl = 1h (the default)
postscreen_dnsbl_whitelist_threshold = -1