Rich Wales:
> I'm running Postfix 2.11.0 on Ubuntu 14.04.2 LTS.
>
> I wonder whether the default value for postscreen_cache_retention_time
> (7 days) may be too high for my situation.
Making the table smaller has a negligible impact on access speed.
Garbage collection will take longer, but that is OK because this
activity is interleaved with ordinary access.
> I think what might be happening in some cases is that a new spam site
> sends me something (which I accept because the site is new and hasn't
> made it onto any DNSBLs yet) -- and soon thereafter, that site gets
> picked up by Spamhaus and other DNSBLs -- but I'll continue to accept
> mail from the site because I saw (and whitelisted) the site before the
> DNSBLs started blacklisting it, and postscreen is going to cache that
> whitelisting for several more days.
That is not entirely correct - different tests have different
expiration times. postscreen_cache_retention_time says what
happens with an IP address after *all* its tests expire.
> Should I consider reducing my postscreen_cache_retention_time --
> possibly to a few hours? Is that likely to have some unintended and
> unwanted side effects?
Yes, see the postscreen_cache_retention_time manpage entry.
Wietse
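
The per-test expiration times mentioned in the reply are separate main.cf parameters. This fragment is an added illustration, not part of the original message. The values are the Postfix 2.11 defaults from postconf(5); confirm them on your own system with `postconf -d`.

```ini
# /etc/postfix/main.cf (Postfix 2.11 parameter names, default values)

# How long a successful DNSBL lookup result is reused before the
# client IP is checked against the DNSBLs again. This, not the
# retention time, bounds how long a "not listed" result is trusted.
# (Renamed postscreen_dnsbl_max_ttl in Postfix 3.1.)
postscreen_dnsbl_ttl = 1h

# How long a passed pregreet test result is reused.
postscreen_greet_ttl = 1d

# "Deep protocol" tests; only relevant when the corresponding
# postscreen_*_enable setting is turned on.
postscreen_pipelining_ttl = 30d
postscreen_non_smtp_command_ttl = 30d
postscreen_bare_newline_ttl = 30d

# How long an entry whose test results have ALL expired is kept in
# the cache before it is removed. Keeping it prevents a returning
# client from being logged as NEW just because its entry expired
# recently; it does not extend the lifetime of any test result.
postscreen_cache_retention_time = 7d
```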