Rich Wales:
> > Perhaps. This would be a reason to use the actual reply TTL,
> > and to use postscreen_dnsbl_ttl as an upper bound.
>
> Just so I'm sure I understand, then, is the following correct?

No.

a) currently, postscreen_dnsbl_ttl always overrides the DNS reply TTL.

b) the corrected implementation is an upper bound, i.e. a maximum,
i.e. postscreen_dnsbl_ttl overrides only larger reply TTL values.

> Are there any considerations which would make it inadvisable to use a
> very low postscreen_dnsbl_ttl value?

It would increase the query traffic between Postfix and the local
DNS resolver, and increase the query/update traffic between Postfix
and the local postscreen cache.

But, with the current implementation, it would better handle the
case of reply TTLs less than 1 hour.

Wietse