Another thing I think I see about postscreen is that it apparently will only
look up IP addresses. There doesn't seem to be any postscreen_rhsbl_sites
feature (which might allow me to move my current reject_rhsbl_client and
permit_rhswl_client checks into postscreen). Is such a thing planned,
On 6/8/2011 12:05 PM, Rich Wales wrote:
Another thing I think I see about postscreen is that it apparently will only
look up IP addresses. There doesn't seem to be any postscreen_rhsbl_sites
feature (which might allow me to move my current reject_rhsbl_client and
permit_rhswl_client checks into
On Wed, Jun 08, 2011 at 10:05:05AM -0700, Rich Wales wrote:
Another thing I think I see about postscreen is that it apparently
will only look up IP addresses. There doesn't seem to be any
postscreen_rhsbl_sites feature (which might allow me to move my
current reject_rhsbl_client and
Rich Wales:
Another thing I think I see about postscreen is that it apparently will only
look up IP addresses. There doesn't seem to be any postscreen_rhsbl_sites
feature (which might allow me to move my current reject_rhsbl_client and
permit_rhswl_client checks into postscreen). Is such a
* Rich Wales ri...@richw.org:
If I enable postscreen and specify my choice of blocklists and whitelists
in postscreen_dnsbl_sites, am I correct in assuming that I might as well
remove any reject_rbl_client and permit_dnswl_client clauses from my
smtpd_*_restrictions, since they will now be
* Rich Wales ri...@richw.org:
value from a given list. (I won't go into the details, they would be
off-topic here, but it's nice to have this capability.)
It will probably start a flamewar, but I personally am interested in
your particular weights on the different RBLs
--
Ralf Hildebrandt
Rich Wales:
Note that postscreen caches the results of successful tests,
so that it does not repeat every test for every connection.
This is controlled by the postscreen_mumble_ttl parameters.
Some caching may also be done by my DNS server too, right? This would,
of course, be
On Tue, Jun 07, 2011 at 07:03:34AM -0400, Wietse Venema wrote:
Note the following difference.
postscreen caches that the client IS NOT listed in DNSBL.
It doesn't cache clients that are listed.
DNS servers cache that the client IS listed in DNSBL.
They don't cache non-existent DNSBL
If I enable postscreen and specify my choice of blocklists and whitelists
in postscreen_dnsbl_sites, am I correct in assuming that I might as well
remove any reject_rbl_client and permit_dnswl_client clauses from my
smtpd_*_restrictions, since they will now be redundant?
Rich Wales
On 06/06/2011 10:45 PM, Rich Wales wrote:
If I enable postscreen and specify my choice of blocklists and whitelists
in postscreen_dnsbl_sites, am I correct in assuming that I might as well
remove any reject_rbl_client and permit_dnswl_client clauses from my
smtpd_*_restrictions, since they will
On 6/6/2011 5:34 PM, Jeroen Geilman wrote:
On 06/06/2011 10:45 PM, Rich Wales wrote:
If I enable postscreen and specify my choice of blocklists
and whitelists
in postscreen_dnsbl_sites, am I correct in assuming that I
might as well
remove any reject_rbl_client and permit_dnswl_client clauses
On the interfaces and ports that postscreen(8) passes mail to, yes.
Do note that the behaviour is different; you will be able to directly
transplant your reject_rbl_client RBLs to postscreen, but postscreen
has many more options available, such as checking for exact return
values, and scoring
Rich Wales:
If I enable postscreen and specify my choice of blocklists and whitelists
in postscreen_dnsbl_sites, am I correct in assuming that I might as well
remove any reject_rbl_client and permit_dnswl_client clauses from my
smtpd_*_restrictions, since they will now be redundant?
Almost.
Note that postscreen caches the results of successful tests,
so that it does not repeat every test for every connection.
This is controlled by the postscreen_mumble_ttl parameters.
Some caching may also be done by my DNS server too, right? This would,
of course, be transparent to Postfix and
Rich Wales:
Note that postscreen caches the results of successful tests,
so that it does not repeat every test for every connection.
This is controlled by the postscreen_mumble_ttl parameters.
Some caching may also be done by my DNS server too, right? This would,
of course, be
15 matches
Mail list logo