On Fri, Apr 27, 2012, at 02:04 PM, /dev/rob0 wrote: > But consider this: the TTL of a DNSBL listing is a feature. Sometimes > legitimate sites will be listed, for example, in the CBL. Once they > clean up the problem, do you still want to block them?
That's not within the scope of my use case. The vast majority of these 'repeat connection culprits' are doing so within a timeframe that's vastly smaller than typical CBL delisting times. *Within* that scope, the process idle/retire parameters that were shared earlier are more than sufficient, given that I've learned that Postfix does its own DNSBL IP caching. -- Thanks, Karen
