postscreen_whitelist_interfaces = !<honeypot-IP>, static:all in case you have a honeypot MX on a interface which always leads at least in a temporary reject wouldn't it be beneficial to skip the RBL tests and just reply with the "450 4.3.2 Service currently unavailable" ______________________________________________________
Sep 7 00:33:56 localhost postfix/postscreen[14034]: CONNECT from [186.78.20.55]:51691 to [<honeypot-IP>]:25 Sep 7 00:33:56 localhost postfix/postscreen[14034]: WHITELIST VETO [186.78.20.55]:51691 Sep 7 00:33:56 localhost postfix/dnsblog[14045]: addr 186.78.20.55 listed by domain zen.spamhaus.org as 127.0.0.4 Sep 7 00:33:56 localhost postfix/dnsblog[14045]: addr 186.78.20.55 listed by domain zen.spamhaus.org as 127.0.0.11 Sep 7 00:33:56 localhost postfix/dnsblog[14047]: addr 186.78.20.55 listed by domain b.barracudacentral.org as 127.0.0.2 Sep 7 00:33:56 localhost postfix/dnsblog[14049]: addr 186.78.20.55 listed by domain dnsbl.sorbs.net as 127.0.0.6 Sep 7 00:33:56 localhost postfix/dnsblog[14099]: addr 186.78.20.55 listed by domain bl.spamcop.net as 127.0.0.2
