Wietse, On Fri, Apr 8, 2016, at 10:04 AM, jaso...@mail-central.com wrote: > > Writing to the postscreen access list (with fail2bain etc.) is > > generally not supported. It can be done with LMDB but only if you > > use the locking protocol described in lmdb_table(5). Otherwise the > > result will be incorrect.
Does that^ imply that I can replace the cidr_table for postscreen_access with an lmdb_table? Reading http://www.postfix.org/lmdb_table.5.html The LMDB adapter supports all Postfix lookup table operations. Thismakes LMDB suitable for Postfix address rewriting, routing, accesspolicies, caches, or any information that can be stored under a fixedlookup key. Is sounds like it might. But http://www.postfix.org/POSTSCREEN_README.html The postscreen_access_list parameter (default: permit_mynetworks) specifies a permanent access list for SMTP client IP addresses. Typically one would specify something that whitelists local networks, followed by a CIDR table for selective white- and blacklisting. mentions only CIDR table. Is cidr: or lmdb: recommended? If lmdb:, is it a simple swap of DB type, with same content, e.g. cat /etc/postfix/postscress_access 1.2.3.4/32 reject and the appropirate .lmdb map? Jason
