from /var/log/mail.log: Dec 31 01:49:47 nemea postfix/postscreen[2994]: PASS OLD 168.100.1.4
# postmap -q 168.100.1.4 btree:/var/lib/postfix/ps_cache 1262188493 # date --date "Dec 31 01:49:47" "+%s" 1262220587 # echo $(((1262220587-1262188493)/3600)) 8 If a client that has passed postscreen in the past connects again, should the timestamp stored in $postscreen_cache_map be updated? For legitimate clients, this would avoid a delay and/or DNS lookups every $postscreen_cache_retention_time. OTOH, if a non-legitimate client somehow gets to use the IP address of a sender previously added to the database, we lose our first line of defense. Small gain, big potential risk? Stefan^:wq