On 8/2/2012 6:26 AM, Chad M Stewart wrote:
> 
> On Aug 2, 2012, at 6:07 AM, Wietse Venema wrote:
> 
>> Chad M Stewart:
>>>
>>> I am not understanding something correctly.  I'm using postscreen
>>> and noticed that a recently connected IP was not marked as
>>> PASS OLD but rather PASS NEW.  See log entries below
>>
>> PASS NEW means there was no cache entry. Postfix does not
>> keep expired entries for eternity.
> 
> Is the expired time configurable?
> 
> I used to use OpenBSD's spamd (for greylisting).  I recall its logic being 
> that when IP was whitelisted, it remained on the whitelist for X time since 
> its last connection to the host (35 days was the default I believe).  In 
> other words a system that connects to my mail server a lot would remain on 
> the whitelist essentially indefinitely.  Systems that only connect to my mail 
> server every 45 days would have to go through the whitelist process every 
> time.  I think 35 days was selected for those once a month systems that send 
> out reminders.
> 
> I'd like to achieve this same behavior with postscreen, but alas looks like 
> not possible. :(

Then clearly you don't understand why postscreen even exists, nor how it
works.  Postscreen is designed to stop bot spam.  The other stuff bolted
on such as DNSBL support, whitelists and blacklists was due to feature
creep and most of it was not necessary.

Postscreen imposes little delay on non-bot smtp clients, whether they're
already cached or not, unless you have deep protocol tests enabled.  In
that case an SMTP client may get 4xx'd once if not in the cache, forcing
the client to retry.  Even then the delay is typically less than with a
greylisting daemon.

So my question for you is, why is it _necessary_ to salt this expiration
period to your individual taste?  What would this actually gain you?

Keep in mind that Wietse's original postscreen implementation had ZERO
user configurable features.  It was fully automatic, autonomous, hands
free.  The feature you're wanting to monkey with is part of that
original design.  It doesn't _need_ to be monkeyed with, and it'll gain
you nothing.

-- 
Stan
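
To measure how often a returning client is logged as PASS NEW again, as in the question above, postscreen's PASS lines can be tallied per client address. This is an added example, not code from the thread or from Postfix; the log lines are constructed, and the syslog layout, the function name and the year passed in are assumptions.

```python
import re
from datetime import datetime

# Constructed sample lines in a common syslog layout (not from the thread).
SAMPLE_LOG = """\
Jun 01 10:00:00 mx postfix/postscreen[100]: CONNECT from [192.0.2.10]:40001 to [198.51.100.1]:25
Jun 01 10:00:06 mx postfix/postscreen[100]: PASS NEW [192.0.2.10]:40001
Jun 03 09:00:00 mx postfix/postscreen[100]: PASS OLD [192.0.2.10]:40002
Jul 20 09:00:00 mx postfix/postscreen[100]: PASS NEW [192.0.2.10]:40003
Jul 20 09:05:00 mx postfix/postscreen[100]: PASS NEW [203.0.113.7]:51000
"""

# Matches only postscreen PASS NEW / PASS OLD records.
PASS_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ postfix/postscreen\[\d+\]: "
    r"PASS (?P<kind>NEW|OLD) \[(?P<ip>[^\]]+)\]:\d+"
)


def returning_clients_retested(log_text, year=2012):
    """Return (ip, days_since_last_pass) for every PASS NEW logged for a
    client that had already passed earlier in the same log, i.e. a client
    whose cache entry was gone by the time it came back."""
    last_pass = {}   # ip -> datetime of its most recent PASS line
    retested = []
    for line in log_text.splitlines():
        m = PASS_RE.match(line)
        if not m:
            continue
        # Syslog timestamps carry no year, so the caller supplies one
        # (assumption: the whole log falls within that year).
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        ip = m["ip"]
        if m["kind"] == "NEW" and ip in last_pass:
            retested.append((ip, (ts - last_pass[ip]).days))
        last_pass[ip] = ts
    return retested


if __name__ == "__main__":
    for ip, days in returning_clients_retested(SAMPLE_LOG):
        print(f"{ip} logged PASS NEW again {days} days after its last PASS")
```
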
