On 4/27/2012 2:17 PM, kar...@mailcan.com wrote: > > > On Fri, Apr 27, 2012, at 03:12 PM, Wietse Venema wrote: >> For small sites, postscreen has an up-front blacklist that kicks >> off clients before wasting resources on them. > > Although I was warned off postscreen in an earlier post being 'heavier'
I didn't see that comment, but either it's plain wrong or was referring to something different. > than the checks against locally cached DNS, your comment's consistent > with my initial read about postscreen. > > Iiuc it, too, uses a standard postfix SMTP process, and probably does > that local DNSBL IP caching as well. Postscreen does not use smtpd other than to handoff "good" connections once they've been approved. > > Sounds like the lightest solution, without additional clever patching > or dameon writing, may well be postscreen 'out front'. I would recommend postscreen to everyone, but extremely large sites would want to do additional testing. -- Noel Jones