-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 9/18/2012 16:33, Ralf Hildebrandt wrote: > * Chris Horry <zer...@wibble.co.uk>: >> Since enabling tlsproxy+postscreen I'm seeing greylisting on TLS >> connections: > ... > >> I don't seen anything about this in the postscreen documentation > > "Tests after the 220 SMTP server greeting" says > > Important note: deep protocol tests are disabled by default. They > are more intrusive than the pregreet and DNSBL tests, and they > have limitations as discussed next. > > When a good client passes the deep protocol tests, postscreen(8) > adds the client to the temporary whitelist but it cannot hand off > the "live" connection to a Postfix SMTP server process in the > middle of the session. Instead, postscreen(8) defers mail delivery > attempts with a 4XX status, logs the helo/sender/recipient > information, and waits for the client to disconnect.
Ralf, I knew I'd missed something, thanks for the clarification. Chris - -- Chris Horry zer...@wibble.co.uk http://www.twitter.com/zerbey -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (MingW32) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iEYEARECAAYFAlBY2xcACgkQnAAeGCtMZU4gwACfVM6fceUe46tTpFEGHcg42VL/ KQYAoJKOYv7xgJnHLZ+sjIYdyAzmApun =HfXF -----END PGP SIGNATURE-----
