2 files changed, 18 insertions, 6 deletions

diff --git a/postfix/anti-uce.sh b/postfix/anti-uce.sh
index b4a4859..6458e25 100755
--- a/postfix/anti-uce.sh
+++ b/postfix/anti-uce.sh
@@ -1,15 +1,19 @@
 #!/bin/sh
+
+mapsfile="/etc/local-COMMON/postfix/rbl_lookup_hosts"
+maps=`cat $mapsfile | grep -v '^#' | sed 's/#.*//' | tr "\n" "," | sed -e 's/[, ]\+/,/g' -e 's/,$//'`
+
 postconf -e "smtpd_helo_required = yes"
 postconf -e "permit_mx_backup_networks = /etc/local-COMMON/postfix/mx_networks"
-postconf -e "maps_rbl_domains = "`cat /etc/local-COMMON/postfix/rbl_lookup_hosts`
+postconf -e "maps_rbl_domains = $maps"
 postconf -e "smtpd_recipient_restrictions = reject_invalid_hostname,reject_non_fqdn_hostname,reject_non_fqdn_sender,reject_non_fqdn_recipient,reject_unknown_sender_domain,reject_unknown_recipient_domain,reject_unauth_pipelining,permit_mynetworks,permit_mx_backup,reject_unauth_destination,reject_maps_rbl,reject"
 
 /etc/init.d/postfix reload
 
-# The above is based on this:
-#   http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt
-# with the addition of MX backup networks and the PCRE stuff avoided
-# (PCRE is optional on newest Debian packages)
+# Based on this: http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt
+# Support fortrusted MX backup networks added
+# PCRE stuff avoided,as PCRE is only optional on newest Debian packages
+# RBLs replaced with those recommended by http://www.antispews.org/
 
 # Here's a convenient overview of different blackholes:
 #   http://rbls.org/
diff --git a/postfix/rbl_lookup_hosts b/postfix/rbl_lookup_hosts
index bf7d121..53ded7c 100644
--- a/postfix/rbl_lookup_hosts
+++ b/postfix/rbl_lookup_hosts
@@ -1 +1,9 @@
-relays.visi.com,relays.ordb.org,inputs.relays.osirusoft.com,dialups.relays.osirusoft.com,spews.relays.osirusoft.com
+#relays.visi.com
+bl.spamcop.net
+list.dsbl.org
+multihop.dsbl.org
+relays.ordb.org
+spam.dnsrbl.net
+#inputs.relays.osirusoft.com
+#dialups.relays.osirusoft.com
+#spews.relays.osirusoft.com # spews is bad: http://www.antispews.org/