Hi, > It has multiple benefits against bots, like: > > - few seconds delay for refusing clients that send helo/ehlo before > > esmtp greeting (I have used this for years with sendmail) > > - dnwsl/dnsbl scoring system. > > > > These are pretty safe to use. > > These are the tests that are enabled by default. If you also enable the > other after-220 tests then postscreen will, after whitelisting the > connecting IP, give a 450 response which tells the sending server to > defer (disconnect and try again later). This is very similar to how > greylisting works. >
My concern would be with multiple MX records for the same domain - is it possible it would come back to try again with another MX and be delayed yet again? The sqlgrey perl script has the ability to consult a database to see if enough time has elapsed as well as cluster servers to see if the client has attempted a connection to one of the other MX servers. I'm not sure I ever managed to set it up successfully, however.
_______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
