Rich Wales:
> > Perhaps. This would be a reason to use the actual reply TTL,
> > and to use postscreen_dnsbl_ttl as an upper bound.
>
> Just so I'm sure I understand, then, is the following correct?
No.
a) currently, postscreen_dnsbl_ttl always overrides the DNS reply TTL.
b) the corrected imp
> Perhaps. This would be a reason to use the actual reply TTL,
> and to use postscreen_dnsbl_ttl as an upper bound.
Just so I'm sure I understand, then, is the following correct?
postscreen_dnsbl_ttl is the minimum period of time during which
the result of a DNS lookup will be treated as
Rich Wales:
> > That is not entirely correct - different tests have different
> > expiration times. postscreen_cache_retention_time says what
> > happens with an IP address after *all* its tests expire.
>
> So, then, if I want to be able to respond more quickly to chang
> That is not entirely correct - different tests have different
> expiration times. postscreen_cache_retention_time says what
> happens with an IP address after *all* its tests expire.
So, then, if I want to be able to respond more quickly to changes in an
SMTP client's DNSBL st
On Thu, May 28, 2015 at 10:42:09AM -0700, Rich Wales wrote:
> [...]
> I think what might be happening in some cases is that a new spam site
> sends me something (which I accept because the site is new and hasn't
> made it onto any DNSBLs yet) -- and soon thereafter, that site gets
> picked up by Sp
Rich Wales:
> I'm running Postfix 2.11.0 on Ubuntu 14.04.2 LTS.
>
> I wonder whether the default value for postscreen_cache_retention_time
> (7 days) may be too high for my situation.
Making the table smaller has a negligible impact on access speed.
Garbage collection will take
I'm running Postfix 2.11.0 on Ubuntu 14.04.2 LTS.
I wonder whether the default value for postscreen_cache_retention_time
(7 days) may be too high for my situation.
I get a lot of spam despite using postscreen, and when I manually look
up the IP addresses of some of the sites that send me sp
