On 12/16/2010 12:47 AM, Victor Duchovni wrote:
On Thu, Dec 16, 2010 at 12:38:46AM +0100, Jeroen Koekkoek wrote:
I've read through the postscreen code and got a general understanding of
how it works internally. But judging from the documentation: is postscreen
intended to ever do more than allowing/disallowing client connections? e.g.
greylisting or specifying a follow-up service like postgrey?
If it's not: It would be nice if the dnsbl results could be passed to the
follow-up smtpd process, so they in turn can be passed to a policy daemon.
It would save cpu cycles, etc and it would make implementing a policy
daemon that needs those results anyway a lot easier.
No, for most connections that are passed on the client was already
whitelisted, so no tests were performed and there are no results to
pass on. There is no benefit in over-optimizing this code path, if
DNSbl lookups were performed, the data is cached in your DNS cache,
and another lookup will be quite cheap.
As for policy daemons, they may run before or after Postfix performs
any RBL lookups, and the complexity of trying to pass such data to
them is not worth the effort.
You are right, forgot about postscreen's internal cache.
Well, not before the connection is handed of to an smtpd right? But yes,
you are right. Results should be read from a caching dns server to keep
things simple.
- Jeroen
