Marcin Orlowski wrote: > On Mon, 20 Sep 2010 21:01:39 +0200, Marcin Orlowski <car...@wfmh.org.pl> > wrote: > > >> I'd rather expect DENIED_IDENTICAL_SENDER_RECIPIENT to appear >> in logs, as such filter definitely "costs" less than >> DNS queries. I tried to find filter chain described in the >> manual, but seems there's no such information. Sam, wouldn't >> be much better to have order reversed here? > > I now also spotted that when you enablie any BLs, these are > also queried before reject-identical-sender-recipient is > checked - so I second myself :) reject-identical-sender-recipient > shall be evaluated prior performing any other blocking filters > simply for faster processing > > Regards,
I expect that Sam will have some words of wisdom here, but I'll chime in beforehand. The most efficient balance overall for filtering efficiency cannot be done by doing the least costly filters first. While that's a simple approach (and simplicity has its merits), it's not necessarily optimal. I expect that the RBL and DNS checks are being done as soon as possible in the process (when the sender's IP address is first known), which is at a point when the sender and recipient addresses aren't yet available. In order to do the DENIED_IDENTICAL filter, the smtp session must progress to the point of having that information, which also uses resources (a few more send/receive transmissions into the session). In order process the DENIED_IDENTICAL filter first, resources would need to be used to get the sender and recipient addresses for *all* messages, including those that are rejected based on one of the IP filters. I believe that this extra overhead would outweigh the potential savings of applying the DENIED_IDENTICAL filter before RBL and DNS filters. In addition, I think the RBL and DNS filters have a higher probability of rejecting a given message than the DENIED_IDENTICAL filter, which also weighs into the equation. Is that about right, Sam? (FWIW, I don't use this filter, so it doesn't really matter to me. I just blacklist local domains instead). -- -Eric 'shubes' _______________________________________________ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
