I just wrote a Postfix Policy Daemon that checks on the r(h)bls you give him in the config file if the current sender seems clean or not. Two cases :

  1. it's clean for every r(h)bl that is tested, then whitelister returns 'OK' and postfix will accept the mail
  2. it's suspicious, and then whitelister returns 'DUNNO', and then postfix will try the next smtpd_sender_restriction ... which is ... postgrey !

And it works really well. It still needs some polishing (like dropping privileges, use a pidfile, fork in the background, and that kind of stuff) but it's really acceptable for a 3-hours hack. God I love ocaml.

I use the rbls :

  • dynablock.njabl.org
  • dul.dnsbl.sorbs.net

and the rhbl :

  • bogusmx.rfc-ignorant.org

btw, I've made debian packages deb http://opensource.polytechnique.org/debian ./.