MRob via Postfix-users:
> On 2025-01-23 20:25, Randy Bush via Postfix-users wrote:
> >> I'm using zen.spamhaus.org for blocking and list.dnswl.org (with filter)
> >> for allowlisting.
> >>
> >> zen.spamhaus.org*2 list.dnswl.org=127.0.[0..255].[1..3]*-2
> >
>
> A question occurs to me: is there a way to cease dnsrbl lookups once the
> threshold is met? I think the answer is "no" because Postscreen cannot guess
> if there will be a whitelist next.
>
> It could be nice if there's a trick to:
> * keep whitelist/blacklist lookup separate
> * choose maximum needed threshold for each
> * combine final points
>
> I wonder, could it be possible to avoid too many DNS lookups or reduce
> load upon public RBLs?

This perceived problem is already optimized away with caching. On
my system 93% of connections are from repeat clients.

postscreen, as well as your local DNS resolver, will cache positive
and negative responses from DNS reputation services. In fact,
postscreen will enforce a sane minimum TTL (postscreen_dnsbl_min_ttl,
default 60s) in the case that the reputation service specifies a
smaller value.

Concerns about query minimization should be addressed outside of Postfix.

In case people forget: postscreen does not answer the question "does
this client send spam?". Instead, it answers the question "is this
a spambot?". For that, FCRDNS is irrelevant. Reputation is relevant
for that question, as is behavior, but the deep protocol tests are
too intrusive if applied to every client.
Wietse
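
Added example, not part of the original message and not Postfix code: a simplified Python model of the weighted scoring line quoted above, with a per-client score cache whose lifetime is floored at the 60s default mentioned in the reply. The DNS answers, client addresses, class and function names are constructed for illustration, and taking the smallest reply TTL across lists before applying the floor is an assumption of this model.

```python
import re

# Scoring line quoted in the thread, as (site, reply filter, weight).
SITES = [("zen.spamhaus.org", None, 2),
         ("list.dnswl.org", "127.0.[0..255].[1..3]", -2)]
MIN_TTL = 60  # postscreen_dnsbl_min_ttl default stated in the reply

# Constructed DNS answers: (site, client) -> (A record, TTL seconds).
ANSWERS = {
    ("zen.spamhaus.org", "192.0.2.10"): ("127.0.0.2", 30),
    ("list.dnswl.org", "192.0.2.10"): ("127.0.5.2", 300),
    ("zen.spamhaus.org", "198.51.100.7"): ("127.0.0.4", 30),
    ("list.dnswl.org", "198.51.100.7"): ("127.0.5.0", 300),  # last octet 0: filtered out
}


def reply_matches(pattern, addr):
    """Match an A record against a filter using literal octets or [lo..hi]."""
    if pattern is None:
        return True
    fields = re.findall(r"\[(\d+)\.\.(\d+)\]|(\d+)", pattern)
    octets = [int(o) for o in addr.split(".")]
    if len(fields) != 4 or len(octets) != 4:
        return False
    return all(int(lit) == o if lit else int(lo) <= o <= int(hi)
               for (lo, hi, lit), o in zip(fields, octets))


class ScoreCache:
    """Simplified model: one cached total per client, TTL floored at MIN_TTL."""

    def __init__(self, answers):
        self.answers, self.cache, self.queries = answers, {}, 0

    def score(self, client, now):
        hit = self.cache.get(client)
        if hit and hit[1] > now:
            return hit[0]  # repeat client: no DNS traffic at all
        total, ttl = 0, None
        for site, pattern, weight in SITES:  # every list is asked: a later
            self.queries += 1                # negative weight can undo a hit
            addr, site_ttl = self.answers.get((site, client), (None, MIN_TTL))
            if addr is not None and reply_matches(pattern, addr):
                total += weight
            ttl = site_ttl if ttl is None else min(ttl, site_ttl)
        self.cache[client] = (total, now + max(ttl, MIN_TTL))
        return total
```

In this model 192.0.2.10 reaches +2 after the blocklist answer and drops back to 0 once the allowlist answer arrives, which is why stopping at the first threshold hit would give the wrong verdict, while a repeat connection inside the 60s floor costs no lookups.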