Charles Marcus wrote:
On 7/30/2009, Martijn de Munnik (mart...@youngguns.nl) wrote:
Mmmm, I'm using transport maps to forward mail to the final mail
server. So the verify should contact the remote server and I think
that is almost as expensive as a RBL check.
I don't think so, but am not certain... hopefully someone who knows for
sure will chime in...
Address verify callouts are quite time consuming, so quite
expensive - much more than an RBL lookup. However, when valid
recipients are found in the cache, the impact on mail should
be very low.
So using a cache with a generous positive expire time is a
very good idea.
Also I want to use the address_verify_map cache and want it to be as
small as possible.
You could set address_verify_negative_cache = no, to limit it to only
caching positive hits.
Probably better to just set negative caching to a small time
limit - maybe a few hours.
Oh... also, you want to be sure that the admins managing the domains you
are doing this for are ok with it... which they certainly should be, if
you are acting as their relay... blindly performing sender or recipient
validation on all mail will get you blacklisted eventually...
You're right that doing sender verification on all mail will
eventually get you blacklisted. Doing recipient validation
will only get you blacklisted if your own users do a directory
attack on some third party - but that will get you blacklisted
whether you do validation callouts or not...
That said, recipient verification only makes sense for domains
you relay and don't have a valid recipient list for.
-- Noel Jones
