postscreen parametrization

Dockerfile

@@ -29,6 +29,15 @@ ENV MESSAGE_SIZE_LIMIT=31457280
 ENV SMTPD_HELO_REQUIRED=yes
 ENV BIFF=no
 ENV SUBMISSION_ENABLE=no
+ENV POSTSCREEN_ENABLE=no
+ENV POSTSCREEN_ACCESS_LIST="cidr:/etc/postfix/rules/postscreen_access_list.cidr, permit_mynetworks"
+ENV POSTSCREEN_DNSBL_SITES="zen.spamhaus.org*3, b.barracudacentral.org*2, bl.spameatingmonkey.net*2, bl.spamcop.net, dnsbl.sorbs.net, psbl.surriel.com, bl.mailspike.net, swl.spamhaus.org*-4"
+ENV POSTSCREEN_DNSBL_REPLY_MAP="pcre:/etc/postfix/rules/postscreen_dnsbl_mask.pcre"
+ENV POSTSCREEN_BLACKLIST_ACTION="drop"
+ENV POSTSCREEN_DNSBL_ACTION="enforce"
+ENV POSTSCREEN_DNSBL_THRESHOLD="3"
+ENV POSTSCREEN_DNSBL_WHITELIST_THRESHOLD="-1"
+ENV POSTSCREEN_GREET_ACTION="enforce"
 
 # TODO: template access lists
 
@@ -48,6 +57,8 @@ RUN echo "_dev_null: /dev/null" > /etc/aliases \
 	/etc/postfix/rules/client_access_list \
 	/etc/postfix/rules/helo_access_list \
 	/etc/postfix/rules/recipient_access_list \
+	/etc/postfix/rules/postscreen_access_list.cidr \
+	/etc/postfix/rules/postscreen_dnsbl_mask.pcre \
   && mkdir -p /ssl \
   && chmod 700 /ssl \
   && cp /etc/ssl/certs/ssl-cert-snakeoil.pem /ssl/cert.pem \