Postscreen additional settings best practice

Hi,

We adjusted a lot of antispam settings, mainly by using postscreen features.

I would now like to have a possibility to also include the following settings in the templates in Univention, so that they are not removed during updates.

1.) in /etc/postfix/main.cf this should be added:

postscreen_dnsbl_reply_map = texthash:/etc/postfix/dnsbl_reply

But there is (so far) no registry entry, which I would like to have.

2.) In /etc/postfix/master.conf sthis should be added:

smtpd pass - - n - - smtpd -o milter_default_action=tempfail -o smtpd_milters=unix:/var/spool/postfix/benno-milter/benno-milter.sock -o content_filter=dfilt:
smtp inet n - n - 1 postscreen
tlsproxy unix - - n - 0 tlsproxy
dnsblog unix - - n - 0 dnsblog

3.) in /etc/postfix/master.conf the following line should be completely commented out, otherwise Benno will cause trouble here:

#25 inet n - n - - smtpd -o milter_default_action=tempfail -o smtpd_milters=unix:/var/spool/postfix/benno-milter/benno-milter.sock -o content_filter=dfilt:

how can I best achieve this all?

thanks
Sascha

Hi,

afaik any additional configs can be placed without altering the templates into main.cf.local and master.cf.local.
Re. 3 you have to check how the line was added.

hth,
Dirk

defo helps Dirk, thanks!

hm, if i add the line to mail.cf.local and restart postfix, i cannot find that new line with posconf -n.
is that expected behaviour?

This way? Yes!
You have to ucr commit /etc/postfix/main.cf. See /etc/univention/templates/files/etc/postfix/main.cf.d/99_local

grmpf…ok that figures! Thank you!