>How does this affect the performance ?
It keeps my_networks from sending mail to Internet that have unverified recipients (IMGate's queue doesn't get clogged with undeliverable msgs when Imail bounces mail from forged senders, etc) and unverified senders (when my_networks IPs are forging senders). I have observed that there can be a LOT of crap coming from Imail servers. This can happen when Internet access to Imail is not blocked, so spam hits Imail directly, Imail/declude accept the mail, then reject it, sending the non-delivery msg back through IMGate, which often can't deliver the msgs because the sender was forged. With IMGate applying RAV to Imail outbound, this crap dies on the Imail box. >Without this spam, the server has = >around 50'000 mail/day. > >One IMGate was blocked by aol.com because it has made to mauch = >connections.. Yep, SAV can cause that to happen when your IMGate is trying to validate forged MAIL FROM: [EMAIL PROTECTED] In the advanced IMGate config, I have a filter that refuses MAIL FROM: [EMAIL PROTECTED] if the PTR of the MTA is not in a list of BigISP MTA's. This stops tons of (AOL, etc) forgeries before IMGate gets to the SAV test (and is more aggressive than from_senders_bogus), so it's much faster than SAV (no SMTP connect-to-MX delay) and AOL's "too many RCTP TO: to unknown recipients" threshold doesn't get. Without the above advanced filter, you should run SAV last in the list of smtpd_recipient_restrictions (and certainly not first or early), so the msg has maximum chances to get rejected for non-SAV reasons. eg, the from_senders_bogus filter will at least stop all the AOL mail from PTR-less IPs. Len
