On 3/10/26 20:46, Tim Harman via Postfix-users wrote:
On 11/03/2026 8:50 am, Fred Morris via Postfix-users wrote:
On Tue, 10 Mar 2026, Gary R. Schmidt via Postfix-users wrote:
[...]
Turn on postscreen and add fail2ban.
I learnt (I forget how, that's the problem) that if you're using rspamd,
you shouldn't do anything else like fail2ban or postscreen, so that
rspamd can learn _all_ mail. If you reject it as spam before it even
gets to rspamd, then rspamd ends up learning mostly ham and very little
spam, so things like the IP Reputation and bayes/neuralnet training
suffer because they don't see enough of both sides.
I guess I can see some value in fail2banning an IP that rspand has
flagged as spam the last 20 times, to stop the CPU overhead of rspamd
having to check it a 21st time.
But that is learnt wisdom correct, or am I holding onto a belief that's
not in fact true?
This is substantially correct, per my understanding. However, fail2ban
is sill useful for blocking hostile IPs trying to brute-force
credentials or probe for exploits.
--
Phil Stracchino
Fenian House Publishing
[email protected]
[email protected]
Landline: +1.603.293.8485
Mobile: +1.603.998.6958
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
