On 03/06/16 22:20, Wietse Venema wrote:
> Postscreen has postscreen_dnsbl_ttl (fixed time limit) or it uses
> the DNS TTL, limited by postscreen_dnsbl_{min,max}_ttl.
>
> Please see Postfix documentation, and report a bug if it is incomplete.

dnsblog(8) states, "Otherwise it replies with the query arguments plus an empty address list and the reply TTL (-1 if unavailable)." It is unclear that this references the negative cache TTL as returned by the SOA record included in an NXDOMAIN response. I had to look at the dnsblog.c source code for this to become clear.

Peter