From e8821268dec585a42c4e63b6c7decf9a4f81fea8 Mon Sep 17 00:00:00 2001
From: Sheogorath <sheogorath@shivering-isles.com>
Date: Sun, 25 Sep 2022 19:13:01 +0200
Subject: [PATCH] refactor(postfix): rework postscreen settings

This patch adjusts the postscreen settings regarding dnsbls and alike to
hopefully speed up the processing time of emails and make the place more
inviting for wanted e-mails.
---
 images/postfix/.release       |  2 +-
 images/postfix/config/main.cf | 22 ++++++++--------------
 2 files changed, 9 insertions(+), 15 deletions(-)

diff --git a/images/postfix/.release b/images/postfix/.release
index 5bf903b79..7f1bdeb40 100644
--- a/images/postfix/.release
+++ b/images/postfix/.release
@@ -1 +1 @@
-release=0.2.3
+release=0.3.0
diff --git a/images/postfix/config/main.cf b/images/postfix/config/main.cf
index db10641a7..11281de1a 100644
--- a/images/postfix/config/main.cf
+++ b/images/postfix/config/main.cf
@@ -89,21 +89,16 @@ virtual_transport = lmtp:inet:dovecot-internal:24
 
 postscreen_access_list = permit_mynetworks
 postscreen_blacklist_action = drop
-postscreen_greet_action = enforce
+postscreen_greet_action = ignore
 postscreen_dnsbl_action = enforce
 postscreen_dnsbl_threshold = 3
-postscreen_dnsbl_whitelist_threshold = -1
+postscreen_dnsbl_allowlist_threshold = -1
 postscreen_dnsbl_sites =
         zen.spamhaus.org*3,
         ix.dnsbl.manitu.net*3,
-        multi.uribl.com,
         bl.spamcop.net,
         b.barracudacentral.org,
-        dnsbl-1.uceprotect.net,
         safe.dnsbl.sorbs.net,
-        ubl.unsubscore.com,
-        psbl.surriel.com,
-        dnsbl.inps.de,
         swl.spamhaus.org*-10,
 
 ########
@@ -122,18 +117,17 @@ smtpd_recipient_restrictions =
         reject_unknown_sender_domain,
         reject_unknown_recipient_domain,
         reject_invalid_hostname,
-		warn_if_reject reject_unauth_pipelining,
-        permit_sasl_authenticated,
+        warn_if_reject reject_unauth_pipelining,
         permit_mynetworks,
-		reject_unverified_recipient,
+        reject_unverified_recipient,
         reject_unauth_destination,
         permit
 
 smtpd_sender_restrictions =
-	permit_mynetworks,
-	reject_non_fqdn_sender,
-	reject_authenticated_sender_login_mismatch,
-	permit_sasl_authenticated
+        permit_mynetworks,
+        reject_non_fqdn_sender,
+        reject_authenticated_sender_login_mismatch,
+        permit_sasl_authenticated
 
 #smtpd_restriction_classes = local_only
 #local_only =
-- 
GitLab