On 3/17/2011 6:38 AM, Fernando Maior wrote:
On Thu, Mar 17, 2011 at 1:46 AM, Noel Jones <njo...@megan.vbhcs.org <mailto:njo...@megan.vbhcs.org>> wrote:On 3/16/2011 10:11 PM, Fernando Maior wrote: On Wed, Mar 16, 2011 at 11:39 PM, Wietse Venema <wie...@porcupine.org <mailto:wie...@porcupine.org> <mailto:wie...@porcupine.org <mailto:wie...@porcupine.org>>> wrote: Fernando Maior: > What is not clear for me is: do I need to change my main.cf <http://main.cf> <http://main.cf> in order to run > postscreen and do not duplicate its functionality in postfix? See: http://www.postfix.org/POSTSCREEN_README.html#intro http://www.postfix.org/POSTSCREEN_README.html#config Wietse Thank you, Wietse, I already read fully the document quoted. Only my question is not about that, but is about features that are duplicated on postscreen and postfix, as I understood. Postscreen used DNSBL and postfix can do it, either. So, my question is if I configure postscreen to use DNSBL, may I remove the lines for DNSBL checking on main.cf <http://main.cf> <http://main.cf> for postfix? I understand enabling that on both postscreen and postfix is doing the same thing twice... Am I wrong? Many thanks! Fernando Maior DNSBL checks can be removed from postfix main.cf <http://main.cf> if you do the same checks in postscreen. No need to do the same checks twice. RHSBL (domain name) checks will still need to be done in main.cf <http://main.cf>. It seems to me that smtpd_hard_error_limit, smtpd_helo_required and other configs may just be removed from main.cf <http://main.cf>, The settings you mention have no direct equivalent in postscreen. soft_bounce = yes That setting is for testing only and likely to greatly increase nuisance traffic if used in production. Remove it. maximum_queue_lifetime = 2h Why so short? You don't like to deliver mail? default_destination_concurrency_limit = 50 Why so high? You trying to get blacklisted? -- Noel Jones Hi Noel, As for queue lifetime, that server is just a spam remover, it is not being used for sending mail, so it do not have a real queue. It receives email from outside, filters it and relays to the real server inside.
So what happens when the inside servers are down for maintenance? Leave it at the default so you don't shoot yourself in the foot.
Well, concurrency limit is high because I do not have that big experience
If this is an incoming-only server, the concurrency is OK if your internal servers can handle the load. Setting high concurrency on an outgoing server is likely to get you firewalled.
with postfix, and did not get any helping configuring mine except what I could get from Internet.
Postfix is very well documented. Everything you need is available online. Postfix default settings are carefully chosen, don't change them without understanding why.
-- Noel Jones
