J Doe: > Hi Wietse, > > > On Mar 2, 2018, at 1:49 PM, Wietse Venema <wie...@porcupine.org> wrote: > > > > Postscreen blocks sites based on: > > > > - Their reputation that hey don't send legitimate mail. > > zen.spamhaus.org and bl.spamcop.net are examples of that. > > > > - Their behavior. The postscreen pregreet test is an example of that. > > > > Wietse > > Ok. I am definitely making use of the zombie detection (pre-greeting, > etc.), but I also use the DNSRBL?s on postscreen. I was under the > possibly mistaken impression that this was a bit more efficient > instead of having a spam source connect, possibly negotiate STARTTLS > and then start a SMTP transaction and then have it rejected based > on smtpd restrictions. > > Should I then continue to use postscreen for the zombie detection > but then move my DNSRBL entries to smtpd restrictions ?
postscreen handles multiple sessions in parallel. Only clients that "PASS" are allowed to talk to an SMTP daemon process. In a word where most email comes from spambots, this is more efficient than always spending one SMTP daemon process on every client. wietse