Wietse Venema:
> Vernon A. Fort:
> > Also, since postscreen cache's the dnsbl hits -
>
> Only for a split second. However, the lookups will be cached in
> the local DNS server, which you should have if your mail server
> handles a non-trivial amount of email.
The postscreen daemon is meant to keep zombies away from smtpd
processes, so there is no need for smtpd to peek at the postscreen
whitelist.
Assuming that you have:
postscreen_dnsbl_action = enforce (or drop)
postscreen_pregreet_action = enforce (or drop)
when postscreen hands off a connection to smtpd, then we already
know that the DNSBL lookups were "clean" so there is no need for
smtpd to repeat those lookups (but when it does, the DNS lookup
result should still be cached in the DNS server).
Without postscreen_mumble_action = enforce (or drop), postscreen
runs in "logging only" mode and doesn't stop anything.
Wietse
