diff --git a/nftables-mail.conf b/nftables-mail.conf index 609e2f2..84bba4c 100644 --- a/nftables-mail.conf +++ b/nftables-mail.conf @@ -45,7 +45,7 @@ table inet filter { chain output { type filter hook output priority filter - skuid {opendmarc, opendkim, policyd-spf} oif lo meta l4proto {tcp, udp} th dport 53 accept + skuid {opendkim, opendmarc, policyd-spf} oif lo meta l4proto {tcp, udp} th dport 53 accept skuid != {root, systemd-network, chrony, unbound, postfix, dovecot, dovenull} counter goto output-reject }