On 9/5/25 9:00 PM, Patrik Schindler wrote:
Hello,may I kindly ask somebody to explain why SA does now do CNAME lookups in DNS, and what the expected benefit thereof is, compared to the former behavior? Thanks!
spammers use to frequently create new cnames pointing to the same malware/phishing web page in order to bypass antispam softwares.
Aside from that, a local caching DNS (same machine, outside spamd) might somewhat counter the perceived slowness? Maybe allowing a lot more SA children might also help. They use RAM but virtually no CPU, because they're waiting for DNS answers.
a fast dns is usually enough to limit perceived slowness in many situations. Giovanni
Thanks! :wq! PoC
OpenPGP_signature.asc
Description: OpenPGP digital signature
