On 9/16/2010 6:16 PM, Vernon A. Fort wrote:
I've read but its not clear (to me) if one can (or should) use rhsbl sites in postscreen. Well, actually, i did configure but then removed.
Postscreen has no "name" based features. As documented, all whitelist/blacklist and DNS lookups are IP number based.
Currently, I have (so far): postscreen_dnsbl_threshold = 2 postscreen_dnsbl_sites = zen.spamhaus.org*2 bl.spamcop.net*1
This tells postfix "always block on spamhaus, ignore spamcop results".
In the above config, the spamcop lookup only serves to pre-load your DNS cache with lookup data. This might provide a very slight benefit later in the process if you use spamcop in SpamAssassin or similar scoring scheme, but overall is pretty worthless.
If you reject with spamcop in smtpd restrictions, might as well change your threshold to 1.
Scoring is more useful when combining multiple not-fully-trusted lists where the score requires 2 or more to agree on blocking, and for using negative score dns whitelists to rescue mostly good servers that occasionally get listed.
-- Noel Jones
