David Mehler:
> Hello,
>
> I'm running postscreen and I'm wondering about a setting. For
> postscreen_dnsbl_action, and postscreen_greet_action I've got them set
> to enforce. My problem is while it works I get clients that are repeat
> customers after they've already been dealt with. Should I change these
> to drop?
The difference between enforce and drop is that enforce will talk
to the client and get the helo/sender/recipient information.
This safety feature lets you know what mail you are not getting.
To drop repeat offenders you'd add them to postscreen_access.cidr
(don't forget to "postfix reload"). But I wonder how much of a
problem repeat offenders really are.
Wietse
> # For postscreen
> postscreen_access_list = permit_mynetworks,
> cidr:/etc/postfix/postscreen_access.cidr
> postscreen_dnsbl_threshold = 2
> postscreen_dnsbl_sites = zen.spamhaus.org*2
> bl.spamcop.net*2
> b.barracudacentral.org*3
> postscreen_dnsbl_action = enforce
> postscreen_greet_action = enforce
> postscreen_cache_map = proxy:btree:${data_directory}/postscreen_cache
> postscreen_cache_cleanup_interval = 0
>
> Thanks.
> Dave.
>
