update patterns
[ansible.git] / roles / email / templates / main.cf
index 7a735c2cc74010a597800dc0aa6c055b14131af9..45c77d39d937f50e69ffd8f7a2ce1934df07a4d3 100644 (file)
@@ -39,14 +39,17 @@ smtp_tls_security_level = dane
 postscreen_dnsbl_threshold = 3
 postscreen_dnsbl_whitelist_threshold = -2
 postscreen_dnsbl_sites =
 postscreen_dnsbl_threshold = 3
 postscreen_dnsbl_whitelist_threshold = -2
 postscreen_dnsbl_sites =
-       ix.dnsbl.manitu.net*2 sbl-xbl.spamhaus.org*2
-       bl.spamcop.net dnsbl.sorbs.net bl.mailspike.net
+       ix.dnsbl.manitu.net*2 sbl-xbl.spamhaus.org*3 truncate.gbudb.net*2
+       bl.spamcop.net bl.mailspike.net
        swl.spamhaus.org*-2 list.dnswl.org=127.0.[0..255].[0..254]*-2
 postscreen_greet_action = enforce
 postscreen_dnsbl_action = enforce
 postscreen_pipelining_enable = yes
 postscreen_non_smtp_command_enable = yes
 postscreen_bare_newline_enable = yes
        swl.spamhaus.org*-2 list.dnswl.org=127.0.[0..255].[0..254]*-2
 postscreen_greet_action = enforce
 postscreen_dnsbl_action = enforce
 postscreen_pipelining_enable = yes
 postscreen_non_smtp_command_enable = yes
 postscreen_bare_newline_enable = yes
+postscreen_access_list = permit_mynetworks,
+       cidr:$config_directory/postscreen_access.cidr
+postscreen_blacklist_action = enforce
 {% endif %}
 
 # control relay access
 {% endif %}
 
 # control relay access
@@ -139,4 +142,4 @@ smtpd_delay_reject = yes
 disable_vrfy_command = yes
 recipient_delimiter = {{ postfix.recipient_delimiter | default("+") }}
 delay_warning_time = 4h
 disable_vrfy_command = yes
 recipient_delimiter = {{ postfix.recipient_delimiter | default("+") }}
 delay_warning_time = 4h
-message_size_limit = 21384000
+message_size_limit = 30100100