Viktor Dukhovni:
> > On Nov 1, 2018, at 11:30 AM, Bill Cole
> > <[email protected]> wrote:
> >
> > I intend to experiment with postscreen on 587 on the next Postfix
> > system I work with where compromised accounts are a problem.
>
> Don't waste your time. Postscreen cannot help you with this.
> Postscreen maintains dynamic IP-address whitelists/blacklists,
> which are of little use in submission, because submission users
> routinely use dynamic IP addresses.
>
> Also MUAs are interactive, and users are not terribly fond of
> having their mail submission temporarily rejected and having
> to try again later. Postscreen never accepts a message on
> the first try when the IP address is not already whitelisted.
That depends. I don't use 'after 220' tests, and never have
client forced to reconnect.
> Postscreen also gets most of its effectiveness from RBLs,
> these too are not terribly appropriate for submission, as
> legitimate submission users will dynamically get IPs that
> botnets have previously abused.
>
> You probably know all this, and perhaps you'll still be able
> to figure out some usable deployment model, but I'm not
> optimistic...
I think that there are DNSBLs that explicitly target bots,
so a remote IP address may get flagged for that (whether it
will be flagged soon enough is a different matter).
Wietse
