Rich Wales:
> > Note that postscreen caches the results of successful tests,
> > so that it does not repeat every test for every connection.
> > This is controlled by the postscreen_mumble_ttl parameters.
>
> Some caching may also be done by my DNS server too, right? This would,
> of course, be transparent to Postfix and would depend on the TTL info
> from the whitelist / blocklist.
Note the following difference.
postscreen caches that the client IS NOT listed in DNSBL.
It doesn't cache clients that are listed.
DNS servers cache that the client IS listed in DNSBL.
They don't cache non-existent DNSBL records.
So, the two really cache opposite things, if we focus on "good"
SMTP clients. And that is where Postfix tries to minimize the
performance hit.
Wietse
