From 29efd4a215518d80f36ccb5bb8e6f9870241ad54 Mon Sep 17 00:00:00 2001
From: Sheogorath <sheogorath@shivering-isles.com>
Date: Thu, 6 Oct 2022 14:28:05 +0200
Subject: [PATCH] replace postscreen with smtpd

---
 images/postfix/config/main.cf   | 25 ++++++++++++++-----------
 images/postfix/config/master.cf |  1 -
 2 files changed, 14 insertions(+), 12 deletions(-)

diff --git a/images/postfix/config/main.cf b/images/postfix/config/main.cf
index 41664e218..767a27bee 100644
--- a/images/postfix/config/main.cf
+++ b/images/postfix/config/main.cf
@@ -90,20 +90,20 @@ virtual_transport = lmtp:inet:dovecot-internal:24
 postscreen_upstream_proxy_protocol = haproxy
 postscreen_upstream_proxy_timeout = 5s
 postscreen_access_list = permit_mynetworks
-postscreen_blacklist_action = drop
+postscreen_deny_action = ignore
 postscreen_greet_action = ignore
 # Disable zombie detection
 postscreen_greet_banner =
-postscreen_dnsbl_action = enforce
-postscreen_dnsbl_threshold = 3
-postscreen_dnsbl_allowlist_threshold = -1
-postscreen_dnsbl_sites =
-        zen.spamhaus.org=127.0.1.[2..254]*3,
-        ix.dnsbl.manitu.net*3,
-        bl.spamcop.net,
-        b.barracudacentral.org,
-        safe.dnsbl.sorbs.net,
-        swl.spamhaus.org*-10,
+postscreen_dnsbl_action = ignore
+#postscreen_dnsbl_threshold = 3
+#postscreen_dnsbl_allowlist_threshold = -1
+#postscreen_dnsbl_sites =
+#        zen.spamhaus.org=127.0.1.[2..254]*2,
+#        ix.dnsbl.manitu.net*2,
+#        bl.spamcop.net,
+#        b.barracudacentral.org,
+#        safe.dnsbl.sorbs.net=127.0.0.[2..254],
+#        list.dnswl.org=127.0.[0..255].[1..3]*-5,
 
 ########
 ##
@@ -125,6 +125,9 @@ smtpd_recipient_restrictions =
         permit_mynetworks,
         reject_unverified_recipient,
         reject_unauth_destination,
+        reject_rbl_client zen.spamhaus.org=127.0.1.[2..254],
+        reject_rbl_client ix.dnsbl.manitu.net,
+        reject_rbl_client safe.dnsbl.sorbs.net=127.0.0.[2..254],
         permit
 
 smtpd_sender_restrictions =
diff --git a/images/postfix/config/master.cf b/images/postfix/config/master.cf
index c0ea1bccb..e556ec4b8 100644
--- a/images/postfix/config/master.cf
+++ b/images/postfix/config/master.cf
@@ -8,7 +8,6 @@
 smtpd     pass  -       -       -       -       -       smtpd
     -o smtpd_tls_received_header=yes
     -o content_filter=
-    -o smtpd_upstream_proxy_protocol=haproxy
 dnsblog   unix  -       -       -       -       0       dnsblog
 tlsproxy  unix  -       -       -       -       0       tlsproxy
 #smtps     inet  n       -       -       -       -       smtpd
-- 
GitLab