I have my postfix main.cf configured with a number of blacklists:
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
reject_unauth_pipelining,
reject_invalid_hostname,
reject_non_fqdn_hostname,
reject_rbl_client opm.blitzed.org,
reject_rbl_client zombie.dnsbl.sorbs.net,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client multi.uribl.com,
reject_rbl_client dsn.rfc-ignorant.org,
reject_rbl_client dul.dnsbl.sorbs.net,
reject_rbl_client sbl-xbl.spamhaus.org,
reject_rbl_client bl.spamcop.net,
reject_rbl_client dnsbl.sorbs.net,
reject_rbl_client ix.dnsbl.manitu.net,
reject_rbl_client combined.rbl.msrbl.net
An incoming mail was just rejected because it appeared on one of these lists (sorbs.net) but not on the others. Is it possible to configure postfix to only reject if 2 or more lists contain that IP address? I'm hoping this will remove false matches...
Upgrade your postfix version to at least 2.8, and configure postscreen.
It supports complex weighting and thresholds for individual DNSBLs
AFAIK what you ask is not possible with a standard postfix configuration. However, you could delegate the RBL checks to a postfix policy daemon that would do some custom checking of your own.
I'd suggest you have a look at the list of such daemons provided on the Postfix website. One of them might suit your needs. I've not used any of those but, looking at the documentation, the following seems particularly useful: