- postscreen with postgrey - can they cause a double reject?

I searched for answers regarding using both postscreen and greylisting.  I
saw some differing opinions.  But I did not see this point covered.

Assuming a clients first connection to me to deliver and
Assuming that postscreen is configured for deep protocol tests, and the
connection passes all tests.

I understand postscreen will temporary whitelist the IP but the client must
reconnect in order to deliver.  

On that second connection, postscreen hands off to postfix due to the
temporary whitelist.

If I have greylisting configured, as I have done it in the past in main.cf:

      smtpd_recipient_restrictions 
          ...
          check_policy_service unix:postgrey/socket
          permit

Won't this second connection get temp rejected by my normal greylisting a
second time?  The regular greylisting won't know about the postscreen's
recent pass.  So won't the client would have to connect for a 3rd time to
deliver?

That would seem to me to be an argument against using both, or at least
using both with postscreen's deep protocol tests enabled.

I'd be grateful to be straightened out if I have it wrong.  







Reply via email to