Hi all, Just a question about spam prevention and resource optimalisation.
What is the best way to go. I have this as spam prevention at the moment. smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_hostname, reject_invalid_hostname, permit smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_sender, reject_unknown_sender_domain, permit smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_pipelining, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unauth_destination, reject_invalid_hostname, reject_rbl_client bl.spamcop.net, reject_rbl_client zen.spamhaus.org, reject_unlisted_recipient, check_policy_service inet:127.0.0.1:60000, permit This mean that there are a number of tests before the actual recipient address is tested, would it not be better to place the reject_unlisted_recipient very early in the chain? Or am I wrong here. In placing the reject_unlisted_recipient earlier in the chain would I not make it easier for dictionary attacks to succeed? The check_policy_server is the postgrey implementation of http://postgrey.schweikert.ch/ I added the reject_unlisted_recipient before the postgrey policy test because I noticed unknown recipients being passed to the postgrey policy test. Any comments would be welcome. -- Simple things make people happy. Willy De la Court PGP Public Key at http://www.linux-lovers.be/download/public_key.asc PGP Key fingerprint = 784E E18F 7F85 9C7C AC1A D5FB FE08 686C 37C7 A689