[AddressCheck] #cache_storage: where should temporary data be stored? #valid storage backends: sql, redis, memory #memory backend is local only cache_storage=sql #dbconnection: sql backend sqlalchemy connection string dbconnection=mysql://root@localhost/callahead?charset=utf8 #redis: redis backend connection string (if using redis storage) redis=localhost:6379:1 #redis backend timeout in seconds redis_timeout=2 #memory backend cleanup interval in seconds cleanupinterval=300 #DEBUG SETTINGS #set this to true to disable the blacklisting of servers that don't support recipient verification always_assume_rec_verification_support=False #Set this to always return 'DUNNO' but still perform the recipient check and fill the cache (learning mode without rejects) always_accept=False #how long should expired positive cache data be kept in the table history [days] keep_positive_history_time = 30 #how long should expired negative cache data be kept in the table history [days] keep_negative_history_time = 1 [ca_default] #these are the default options. you can override every option for a domain by creating a new config section #[ca_example.com] #enable recipient verification enabled = 1 #socket timeout timeout = 30 #how long should we blacklist a server if it doesn't support recipient verification [seconds] test_server_interval = 3600 #how long should we cache existing addresses [seconds] positive_cache_time = 604800 #how long should we keep negative cache entries [seconds] negative_cache_time = 14400 #how should we retrieve the next hop? #sql: ( ${domain} will be replaced with the actual domain name) #static: #txt: (get from simple textfile in the format ) #mx:${domain} (mx lookup) server=mx:${domain} #sender address we should use for recipient verification. possibilities: #static address, eg. verification@yourdomain.com : probably the best option, but make sure the address exists in case the target does sender-callbacks #${bounce} : Use the null sender (bounce address). This should work as well, but can lead to problems if the target server does not like multiple recipients from the null-sender (eg. postfix with restriction reject_multi_recipient_bounce) #${originalfrom} : Use the original from address. Dangerous as this can lead to wrong negative cache entries if a sender address is blacklisted on the target server. sender=${bounce} # use opportunistic TLS if supported by server. set to False to disable tls use_tls=1 # accept mail on temporary error (400) of target server. # if disabled postomaat will return DEFER and the error message retrieved from target server accept_on_temperr=1 ## Problem actions #all those values can be DUNNO, DEFER or REJECT #action if we don't find a server to ask no_valid_server_fail_action=DUNNO no_valid_server_fail_interval=3600 no_valid_server_fail_message= #action if we can't resolve target server hostname resolve_fail_action=DUNNO resolve_fail_interval=3600 resolve_fail_message= #action if we cannot connect to the target server connect_fail_action=DUNNO connect_fail_interval=300 connect_fail_message= #action if the target server does not accept our HELO helo_fail_action=DUNNO helo_fail_interval=3600 helo_fail_message= #action if the target server does not accept our from address mail_from_fail_action=DUNNO mail_from_fail_interval=3600 mail_from_fail_message= #action if the target server show unexpected behaviour on presenting the recipient address rcpt_to_fail_action=DUNNO rcpt_to_fail_interval=3600 rcpt_to_fail_message=