On 3/5/2018 3:38 PM, MRob wrote: > Bill Cole said: >> The postscreen DNSBL >> configuration should be designed to only block IPs that *only* send >> spam. > > So why, I like to ask is fqrdns list not recommended for use in > postscreen? > https://github.com/stevejenkins/hardwarefreak.com-fqrdns.pcre > > Its maintained by same person as postwhite so I guess that means he > knows good reason why not to outright blacklist the clients in that > list.
By design, postscreen operates on the client IP only, and the rDNS hostname is not available. This is intentional to keep performance high and latency low. The fqrdns.pcre operates on the rDNS hostname of the connecting client, which isn't available in postscreen. Consequently, by design the fcrdns.pcre cannot work in postscreen, and should not be used there. -- Noel Jones
