Cameron L. Spitzer wrote:
>
> Returning to the original question, how do I tell Postfix
> to reject messages to postmaster from a certain CIDR if
> they have no rDNS, but accept the ones with valid rDNS?
>
My setup is a lot different to yours and, as you guessed, I have a lot
less traffic. I put SA on my inbound message flow upstream of Postfix:

ISP--POP3-->fetchmail|SA|spamkiller|sendmail--SMTP-->Postfix

with outbound mail going directly to my ISP's mail server via SMTP and
SA,spamkiller and sendmail all connected by pipes in a script driven by
fetchmail's 'mta' facility.

Spamkiller is my own toy and is dead simple. If a message isn't spam it
pipes it to sendmail for forwarding to Postfix. If it IS spam it gets
thrown in the bit bucket. Either way spamkiller returns a zero exit code
to fetchmail to signal that the message was delivered OK. This causes
fetchmail to delete it from the ISP's mailbox. Spamkiller's logic is:

read the message headers into a buffer
if (the message is spam)
discard the headers
read, discarding input, until EOF
exit with status = 0
else
start sendmail via popen()
send it the headers
copy the message body to it
pclose()
exit with status returned by sendmail
endif

I've described this at length because I think you could use the same
technique in a Postfix service. If your program makes sure that the
service always reports "good delivery" it could probably get away with
chucking objectionable messages in the bit bucket rather than
re-injecting them into the SMTP input queue.

HTH


--
martin@ | Martin Gregorie
gregorie. | Essex, UK
org |