> > and as a tip, take fail2ban and let it monitor for "blocked by rbl"
> > and you reduce your dns queries also a lot.

Actually, postscreen < 3.1 caches the result of the dnsbl tests for
postscreen_dnsbl_ttl seconds (default 3600, which may be too long
nowadays).

Newer versions have postscreen_dnsbl_max_ttl and postscreen_dnsbl_min_ttl,
and look at the DNS reply TTL.

        Wietse
