On 2025-01-24 11:04, MRob via Postfix-users wrote: > > Question occur to me, is there way to cease dnsrbl lookups once > threshold is met? I think answer is "no" because Postscreen canot guess > if there will be whitelist next. > > Could be nice if there's trick to do: > * keep whitelist/blacklist lookup separate > * choose maximum needed threshold for each > * combine final points > > I wonder coould it be possible so avoid too many dns lookup or reduce > load upon public RBLs?
Speaking of which - it would be also profitable to have FCrDNS in postscreen, or - at least, just simple, plain revDNS check _before_ all those RBLs lookups. There is no point in sending dozens of queries (especially when DNS server uses QNAME minimization) and disturb several 3rd party services just to defer/reject connection a few seconds later with reject_unknown_reverse_client_hostname/reject_unknown_client_hostname. I've been thinking about running own RBL doing exacly this (returning response based solely on revDNS existence), but as all the RBL lookups are being done anyway there was no gain. And if the smtpd could calculate RBL/WL scores the need to use postscreen at all would be reduced (at least to those who don't care about system load) and save even more RBL queries (when executed after other filters/milters). _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
