On 30 Sep 2019, at 21:28, Ramon F Herrera wrote:
On 9/29/2019 3:10 PM, Bill Cole wrote:
Beyond translating configuration, there's one important part of
Postfix that has no Sendmail equivalent: the postscreen front-line
SMTP screener program. Postscreen implements a greeting pause,
weighted parallel DNSBL checking, and optionally a few other
spambot-detection tactics. Because it is a unique tool, some
distributions do not enable it by default. Make sure you have it set
up, because it is an extremely effective and lightweight tool.
Bill: Can you please explain that tool?
The "postscreen" component of Postfix handles the initial connection for
each port 25 (SMTP) session. It is very lightweight and handles a short
list of behavioral tests (most importantly a "greeting pause") and DNSBL
checking that is designed to screen out pure spambots. Only potential
non-spambots are handed off to the real Postfix SMTP server. It screens
out most SMTP clients before the initial greeting is fully sent with no
false positives unless you use sloppy DNSBLs or use its most aggressive
options (which require "good" clients to handle 4xx replies properly.)
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
