Postfix Whitelist – How to Set Up Before Recipient Restrictions

email, postfix, rbl, spam

Alright. Some background. We have an anti-spam cluster trucking about 2-3 million emails per day, blocking somewhere in the range of 99% of spam email from our end users.

The underlying SMTP server is Postfix 2.2.10. The "Frontline defense" before mail gets carted off to SpamAssassin/ClamAV/etc. is attached below.

...basic config....    
smtpd_recipient_restrictions =
            reject_unauth_destination,
            reject_rbl_client b.barracudacentral.org,
            reject_rbl_client cbl.abuseat.org,
            reject_rbl_client bl.mailspike.net,
            check_policy_service unix:postgrey/socket
...more basic config....

As you can see, standard RBL services from various companies, as well as a Postgrey service.

The problem is, I have one client (out of thousands) who is very upset that we blocked an important email of theirs. It was sent through a Russian freemailer who was currently blocked in two of our three RBL servers. I explained the situation to them, however they are insisting we do not block any of their emails.

So I need a method of whitelisting ANY email that comes to domain.com, however I need it to take place before any of the recipient restrictions; they want no RBL or postgrey blocking at all.

I've done a bit of research myself. http://www.howtoforge.com/how-to-whitelist-hosts-ip-addresses-in-postfix seemed to be a good guide at first, almost fixing my problem, but I want it to accept based on TO address, not originating server.

Best Answer

If you do processing based on RCPT TO address, you are going to flood this person with spam, because it will disable any further spam checks.

Your only option is to use check_sender_access.

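# reject_unauth_destination stays first: an OK from check_sender_access
# placed ahead of it would also authorize relaying for a forged sender.
smtpd_recipient_restrictions =
            reject_unauth_destination,
            check_sender_access hash:/etc/postfix/access_sender,
            reject_rbl_client b.barracudacentral.org,
            reject_rbl_client cbl.abuseat.org,
            reject_rbl_client bl.mailspike.net,
            check_policy_service unix:postgrey/socket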

Like so:

fromuser@domain.com      OK
domain.com               OK
fromuser@                OK

Don't forget to postmap access_sender after you create it.
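As an added illustration (not Postfix code and not part of the original answer), this simplified Python model shows how the restriction list is evaluated: the first restriction that returns OK or REJECT ends the list, so the position of the sender table relative to reject_unauth_destination decides whether a sender-table OK also permits relaying. `LOCAL_DOMAINS`, `RBL_LISTED` and the sample messages are constructed assumptions; parent-domain matching and the postgrey step are left out.

```python
# Simplified model of Postfix smtpd_recipient_restrictions evaluation.
# Constructed sample data; the table mirrors the access_sender example above.
ACCESS_SENDER = {"fromuser@domain.com": "OK", "domain.com": "OK", "fromuser@": "OK"}
LOCAL_DOMAINS = {"client.example"}   # assumed: domains this cluster accepts mail for
RBL_LISTED = {"192.0.2.25"}          # assumed: client IPs an RBL would list


def sender_lookup(sender, table):
    """access(5) key order for an address: user@domain, domain, user@."""
    local, _, domain = sender.rpartition("@")
    for key in (sender, domain, local + "@"):
        if key in table:
            return table[key]
    return None  # no match: fall through to the next restriction


def check_sender_access(msg):
    return sender_lookup(msg["sender"].lower(), ACCESS_SENDER)


def reject_unauth_destination(msg):
    rcpt_domain = msg["rcpt"].rpartition("@")[2].lower()
    return None if rcpt_domain in LOCAL_DOMAINS else "REJECT relay access denied"


def reject_rbl_client(msg):
    return "REJECT listed by RBL" if msg["client_ip"] in RBL_LISTED else None


def evaluate(restrictions, msg):
    """The first restriction returning OK or REJECT ends the list; default is permit."""
    for restriction in restrictions:
        verdict = restriction(msg)
        if verdict is not None:
            return verdict
    return "OK"


WHITELIST_FIRST = [check_sender_access, reject_unauth_destination, reject_rbl_client]
RELAY_CHECK_FIRST = [reject_unauth_destination, check_sender_access, reject_rbl_client]

# Constructed messages from an RBL-listed client claiming a whitelisted sender:
# one addressed to a hosted domain, one to a domain this cluster does not host.
wanted = {"client_ip": "192.0.2.25", "sender": "fromuser@domain.com", "rcpt": "boss@client.example"}
foreign = {"client_ip": "192.0.2.25", "sender": "fromuser@domain.com", "rcpt": "x@elsewhere.example"}

if __name__ == "__main__":
    for name, order in (("whitelist first", WHITELIST_FIRST), ("relay check first", RELAY_CHECK_FIRST)):
        print(name, "| hosted rcpt:", evaluate(order, wanted), "| foreign rcpt:", evaluate(order, foreign))
```

Because the envelope sender is supplied by the connecting client, every OK entry in the table bypasses the RBL and greylisting checks for any host that claims that address.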
