# declare a file to load. If lock is given, the klist is locked into the
# RAM. The weight is a number giving the weight of this blaclist file in the
# score of the IP
+# - rbldns: (no)?lock:weight:filename
+# this is an alias for file.
+# - dns: weight:hostname
+# use a rbl via DNS resolution with the given weight. If a DNS lookup error occurs
+# the IP is considered as beeing "not found".
# - soft_threshold: score (default: 1)
# minimum score to match the soft_match return value
# - hard_threshold: score (default: 1)
# Return value:
# The score of a query is the sum of the weight of the blacklist it matched.
# - If the IP can not be parsed, returns error
+# - If no rbl was available (no file and all dns down), returns error.
# - If the score is strictly greater >= than hard_threshold, returns hard_match
# - If the score is strictly greater >= than soft_threshold, returns soft_match
# - Else, returns fail
# * a file that contains "postmaster@" in "partial-prefix" mode will match all
# postmaster emails.
# * a file open without "partial-" modifier match exact strings.
+# - rbldns: (no)?lock:weight:filename
+# declare a rbldns zone file to load. This is exactly the same as file excepted that it wraps
+# parsing of hostname to split them into 2 categories:
+# * names beginning with '*' are sorted as 'domains' and are matched as suffix
+# * names starting with an alphanumirical character are sorted as 'hostnames' and are
+# process via exact matching.
+# - dns: weight:hostname
+# use a rhbl via DNS resolution with the given weight. If a DNS lookup error occurs
+# the hostname is considered as beeing "not found". This can only be used with "hostnames"
+# typed fields.
# - soft_threshold: score (default: 1)
# minimum score to match the soft_match return value
# - hard_threshold: score (default: 1)
# currently only email OR hostname fields are supported. You MUST choose only
# one of these types per strlist, and be carefull that the field you requested
# are available in the protocol state you want to use this filter for.
-# * hostname fields: helo_name, client_name, reverse_client_name
+# * hostname fields: helo_name, client_name, reverse_client_name, sender_domain,
+# recipient_domain
# * email fields: sender, recipient
# No space is allowed in this parameter.
# Return value:
# The score of a query is the sum of the weight of the list it matched.
+# - If no rhbl was available (no file and all dns down), returns error.
# - If the score is strictly greater >= than hard_threshold, returns hard_match
# - If the score is strictly greater >= than soft_threshold, returns soft_match
# - Else, returns fail
# configuration
file = lock:1:suffix:/var/spool/postlicyd/client_whitelist;
- fields = client_name;
+ rbldns = lock:1:/va/spool/postlicyd/abuse.rfc-ignorant.org;
+ fields = client_name,sender_domain,helo_name;
# hooks
on_hard_match = postfix:OK;
# emitted by postfix. This list with description of each
# field is available at:
# http://www.postfix.org/SMTPD_POLICY_README.html
+# postlicyd also support fields sender_domain and recipient_domain
# * OP is an operator. Available operators are:
# == field_name is strictly equal to value
# =i field_name is case insensitively equal to value