> Note that postscreen caches the results of successful tests, > so that it does not repeat every test for every connection. > This is controlled by the postscreen_mumble_ttl parameters.
Some caching may also be done by my DNS server too, right? This would, of course, be transparent to Postfix and would depend on the TTL info from the whitelist / blocklist. It appears, based on my server's logs, that postscreen always queries every site I name in postscreen_dnsbl_sites -- subject, of course, to caching by my DNS server and by postscreen's own TTL settings. I'd think it would be possible, in some cases, to avoid some queries once enough information is obtained to make a threshold decision -- e.g., by checking lists in descending order by absolute value of weight, a point may be reached where no further results can make a difference in the decision to permit or reject. Do you think there would be any point in doing this? Or would it just be a meaningless exercise, and you might as well query everything every time? Rich Wales ri...@richw.org
