On 10/02/24 02:50, Matus UHLAR - fantomas via Postfix-users wrote:
On 08.02.24 13:05, Doug Hardie via Postfix-users wrote:
I implemented postscreen quite a while ago. I don't see where or how
it introduces a delay to force the originating MTA to queue and try
later.
It does not introduce _this_ kind of delay, because it was the main
reason for noticeable delays of incoming mail I mentioned in my last
e-mail.
Yes it does, just not by default.
It has multiple benefits against bots, like:
- few seconds delay for refusing clients that send helo/ehlo before
esmtp greeting (I have used this for years with sendmail)
- dnwsl/dnsbl scoring system.
These are pretty safe to use.
These are the tests that are enabled by default. If you also enable the
other after-220 tests then postscreen will, after whitelisting the
connecting IP, give a 450 response which tells the sending server to
defer (disconnect and try again later). This is very similar to how
greylisting works.
Peter
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
