Gilgongo via Postfix-users:
> I notice Spamhaus say that for smaller hosts, RBL blocking at smtp level is
> not recommended, and instead it?s better to use a milter for RBL checking.
>
> https://docs.spamhaus.com/datasets/docs/source/40-real-world-usage/PublicMirrors/MTAs/030-Sendmail.html
Only a fool would expose SpamAssassin to the full mail stream.
Postfix implements a multi-layer defense, where solutions like
SpamAsssassin are partt of the last layer.
* As the first layer, postscreen(8) blocks connections from zombies
and other spambots that are responsible for about 90% of all
spam. It is implemented as a single process to make this defense
as inexpensive as possible.
* The second layer implements more complex SMTP-level access
checks with Postfix SMTP servers, policy daemons, and Milter
applications.
* The third layer performs light-weight content inspection with
the Postfix built-in header_checks and body_checks. This can
block unacceptable attachments such as executable programs, and
worms or viruses with easy-to-recognize signatures.
* The fourth layer provides heavy-weight content inspection with
external content filters. Typical examples are Amavisd-new,
SpamAssassin, and Milter applications.
* Each layer reduces the spam volume. The general strategy is to
use the less expensive defenses first, and to use the more
expensive defenses only for the spam that remains.
(the above is from https://www.postfix.org/POSTSCREEN_README.html).
Wietse
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
