Postfix/Postgrey/openDMARC:如果 DMARC 检查成功,则绕过灰名单

tag-icon tag-icon postfix postgrey opendmarc
Postfix/Postgrey/openDMARC:如果 DMARC 检查成功,则绕过灰名单

我已经设置了 Postfix,以便它使用 Amavis(与 Spamassassin 和 ClamAV 结合使用)、openSPF、openDKIM 和 Postgrey,并且我最近将 openDMARC 添加到配置中。
它们都运行良好,但是,我现在想要做的是,如果收到的邮件通过了 DMARC 检查,则绕过 Postgrey。到目前为止,无论如何,所有内容都受灰名单的约束。

设置的限制/etc/postfix/main.cf如下:

smtpd_client_restrictions = permit_mynetworks,
                                reject_invalid_hostname,
                                permit_rhswl_client swl.spamhaus.org,
                                reject_rbl_client zen.spamhaus.org,
                                check_client_access hash:/etc/postfix/client_restrictions,
                                check_recipient_access hash:/etc/postfix/roleaccounts,
                                reject_unknown_client,
                                permit

smtpd_relay_restrictions = permit_mynetworks,
                                reject_unknown_sender_domain,
                                reject_unknown_recipient_domain,
                                check_policy_service unix:private/policy-spf

smtpd_helo_restrictions = permit_mynetworks,
                                check_helo_access hash:/etc/postfix/helo_access,
                                reject_rhsbl_helo dbl.spamhaus.org,
                                reject_unauth_pipelining,
                                reject_non_fqdn_helo_hostname,
                                reject_invalid_helo_hostname,
                                reject_unknown_helo_hostname,
                                permit

smtpd_sender_restrictions = permit_mynetworks,
                                reject_rhsbl_sender dbl.spamhaus.org,
                                reject_non_fqdn_sender,
                                reject_unknown_sender_domain,
                                reject_unknown_address 

smtpd_recipient_restrictions = reject_non_fqdn_sender,
                                reject_non_fqdn_recipient,
                                reject_non_fqdn_hostname,
                                reject_invalid_hostname,
                                permit_mynetworks,
                                reject_unauth_pipelining,
                                reject_unknown_sender_domain,
                                reject_unknown_recipient_domain,
                                reject_unauth_destination,
                                reject_unknown_client,
# The next entry is Postfix accessing Postgrey...
                                check_policy_service inet:[ipv6-of-vm]:10023,
                                permit 

smtpd_etrn_restrictions = permit_mynetworks,
                                reject

smtpd_data_restrictions = reject_unauth_pipelining,
                                reject_multi_recipient_bounce,
                                permit

设置过滤器:

milter_default_action = tempfail
milter_protocol = 6
# First it's openDKIM, then it's openDMARC.
smtpd_milters = inet:[ipv6-of-vm]:8891,inet:[ipv6-of-vm]:8892
non_smtpd_milters = $smtpd_milters

如果 DMARC 检查通过,如何让 Postfix 绕过 Postgrey?

相关内容