2008/11/12 Randy Bush <randy@???>:
> using
>
> drop condition = ${if isip4{$sender_host_address}}
> message = blocked because $sender_host_address is \
> in blacklist at $dnslist_domain: $dnslist_text
> !dnslists = list.dnswl.org
> dnslists = dialups.mail-abuse.org \
> : rbl-plus.mail-abuse.org \
> : qil.mail-abuse.com
> logwrite = REJECT because $sender_host_address listed in
> $dnslist_domain
>
> loses a lot of gmail as they keep adding outbound servers and they are
> 'too important' to update dnswl.
>
> is there an efficient hack to double map the inbound ip to see if it is
> google or yahoo?
gmail publish an SPF record, so you can whitelist them that way....
accept domains = +spf_whitelist_domains
spf = pass
set the domainlist spf_whitelist_domains up with those domains whose
SPF record you want to use for whitelist purposes.Eg
domainlist spf_whitelist_domains = gmail.com : googlemail.com
(This use of SPF is immune from the standard argument about breaking
forwarding. It does depend on Google keeping their SPF record up to
date, though.)
--
Peter Bowyer
Email: peter@???
Follow me on Twitter: twitter.com/peeebeee
