Michael Fox:
> > postscreen will query the DNS when the client connects after
> > postscreen_dnsbl_ttl has expired. With Postfix 3.1 and later,
> > that time is (also) determined by a TTL in the DNS response.
>
> Thanks for the clarification Wietse. 2 questions:
>
> 1) Given that DNSBLs in postscreen_dnsbl_sites and smtpd_*_restrictions use
> the same caching resolver and the same timeouts, they should produce the
> same result. Correct?
Each smtpd process has a short-lived cache (process lifetime).
Postscreen has postscreen_dnsbl_ttl (fixed time limit) or it uses
the DNS TTL, limited by postscreen_dnsbl_{min,max}_ttl.
Please see Postfix documentatiom, and report a bug if it is incomplete.
Wietse
