> Instead, use postscreen. It blocks clients before they are allowed > to talk to a Postfix SMTP server. > > /etc/postfix/main.cf: > postscreen_greet_action = enforce > postscreen_dnsbl_action = enforce > postscreen_dnsbl_sites = ...your DNSBL server here... > > You can use rbldnsd to run your own DNSBL server. >
Any easy way of expiring individual entries in the postscreen cache? My concern is if I add the SASL abuser to a custom DNSBL after they've already been checked by postscreen from the original attempt(s), it'd still "PASS OLD" them until their entry in the cache expires. Thanks.
