On Fri, Apr 27, 2012, at 05:23 PM, Jim Reid wrote: > The info will already be cached at your local DNS server. So you've snip.
Nicely explained. > My advice is to leave this alone. It's already working at maximum > efficiency pretty much straight out of the box and there are no > meaningful postfix (or DNS) configuration tweaks which could make > things even faster. I'd still think that a local check by Postfix to an 'auto-expiring hash table' (unclear so far it that can be done) to which the 'bad' address was added would still be more efficient and less overall network load than a query to locally cached DNS. I understand it's a matter of degree and from you explanation I may be down to splitting-hairs. > > I'll first ask how to do this without postscreen. > > postscreen is not the answer anyway. This is likely to be far, far > more expensive than a DNS lookup. So don't do that. :-) I haven't used postscreen yet -- still reading about it. I thought the idea behind it was to be very-lightweight rejection as far forward in the transaction process as possible. At least its use of DNSBL checks. -- Thanks, Karen
