I'm converting to use postscreen. I have a question about dnsbl's in
postscreen vs smtpd_recipient_restrictions
Following threads here and a git by Steve Jenkins I was going to start with
this for postscreen:
postscreen_dnsbl_sites =
zen.spamhaus.org*3
bl.mailspike.net*2
b.barracudacentral.org*2
bl.spameatingmonkey.net
bl.spamcop.net
dnsbl.sorbs.net
psbl.surriel.com
swl.spamhaus.org*-4
list.dnswl.org=127.0.[2..15].0*-2
list.dnswl.org=127.0.[2..15].1*-3
list.dnswl.org=127.0.[2..15].[2..3]*-4
wl.mailspike.net=127.0.0.[17;18]*-1
wl.mailspike.net=127.0.0.[19;20]*-2
I had my smtpd_recipient_restrictions RBLs as:
...
reject_rbl_client zen.spamhaus.org=127.0.0.[2..255],
reject_rhsbl_client dbl.spamhaus.org=127.0.1.[2..99],
reject_rhsbl_sender dbl.spamhaus.org=127.0.1.[2..99],
reject_rhsbl_helo dbl.spamhaus.org=127.0.1.[2..99],
reject_rbl_client bl.spamcop.net
reject_rbl_client psbl.surriel.com
reject_rbl_client cbl.abuseat.org,
...
I've seen in other threads configs that left some but not all rbl's in their
smtpd_recipient_restrictions. If I'm going to reject no matter what at
smtpd_recipient_restrictions, it seems I should give that rbl a high score
in postscreen checks and not do the second check in
smtpd_recipient_restrictions? I understood that the second lookup is "free"
since it's cached, but is there any advantage/disadvantage to having both?
Any advise appreciated.
--
View this message in context:
http://postfix.1071664.n5.nabble.com/postscreen-dnsbl-AND-smtpd-recipient-restrictions-rbl-tp91307.html
Sent from the Postfix Users mailing list archive at Nabble.com.
