Diego Pomatta wrote:
> After reading all the replies I was left wondering..
> These kinds of rules are not used when spamd is started with the -L
> (--local) switch, right?
> I use *rblsmtpd* (http://cr.yp.to/ucspi-tcp/rblsmtpd.html) to query
> spamhaus at smtp time. (qmail - tcpserver)
> /usr/local/bin/rblsmtpd -b -C -r 'sbl-xbl.spamhaus.org'
> I always considered it to be more efficient this way, would this be
> correct?

Almost correct -- SA will not only consider the "connecting" IP address, but also look at the "most likely source" IP address, as determined by the trusted_network & Co. algorithm.

I.e., having RBLs *both* on the MTA and in SA gives you a double benefit: reduce the load on SA by rejecting certain messages early (modulo false positive issues mentioned in this thread), and possibly hitting more RBLed sources by going beyond what is possible in the MTA alone.

While there are additional DNS queries for the additional candidate IP addresses (if present), the result for the connecting IP address will already be cached (if previously queried by the MTA) and hence cause no additional DNS traffic.

Personally, I prefer checking (some) RBLs both in the MTA and in SA for the added benefit, but YMMV.

-- Matthias
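Added example, not part of the message above and not SpamAssassin's code: a simplified Python sketch of why a content filter can query a DNSBL for more addresses than the MTA, which only sees the connecting peer. The sample message, the RFC 1918 skip list (a stand-in for the trusted-network logic) and the `mta_cached` set (a stand-in for a shared resolver cache) are assumptions; no DNS traffic is generated.

```python
import email
import ipaddress
import re

ZONE = "sbl-xbl.spamhaus.org"  # zone from the rblsmtpd command quoted above
# Assumption: RFC 1918 ranges stand in for hops that are never looked up.
INTERNAL = [ipaddress.ip_network(n)
            for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
BRACKETED_IP = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

# Constructed message: 192.0.2.10 connected to our MTA, but the mail entered
# that relay from 198.51.100.77, which the MTA never sees as the SMTP peer.
SAMPLE = """\
Received: from relay.example.net (relay.example.net [192.0.2.10])
\tby mx.example.org with SMTP; Wed, 15 Aug 2007 12:00:02 +0200
Received: from dialup.example.com (unknown [198.51.100.77])
\tby relay.example.net with ESMTP; Wed, 15 Aug 2007 12:00:00 +0200
Received: from laptop ([10.0.0.5])
\tby dialup.example.com with ESMTP; Wed, 15 Aug 2007 11:59:58 +0200
Subject: constructed sample

body
"""

def relay_ips(raw):
    """Bracketed IPv4 addresses from Received headers, connecting hop first."""
    msg = email.message_from_string(raw)
    found = (BRACKETED_IP.search(h) for h in msg.get_all("Received", []))
    return [m.group(1) for m in found if m]

def dnsbl_name(ip, zone=ZONE):
    """DNSBL query name: reversed octets prepended to the list's zone."""
    return ".".join(reversed(ip.split("."))) + "." + zone

def plan_queries(raw, mta_cached=frozenset()):
    """List (ip, query name, answered from cache?) for each external hop."""
    plan = []
    for ip in relay_ips(raw):
        try:
            addr = ipaddress.ip_address(ip)
        except ValueError:      # e.g. an octet above 255 in a forged header
            continue
        if any(addr in net for net in INTERNAL):
            continue
        name = dnsbl_name(ip)
        plan.append((ip, name, name in mta_cached))
    return plan

if __name__ == "__main__":
    for row in plan_queries(SAMPLE, {dnsbl_name("192.0.2.10")}):
        print(row)
```

Only the second hop produces a new lookup here: the connecting address was already queried at SMTP time, and the private address is skipped.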