I see countless Postscreen rejections of this type Nov 14 13:28:58 mx postfix/postscreen[11068]: CONNECT from [86.49.239.233]:19243 to [#.#.#.#]:25 Nov 14 13:28:58 mx postfix/dnsblog[11069]: addr 86.49.239.233 listed by domain bl.spamcop.net as 127.0.0.2 Nov 14 13:28:58 mx postfix/dnsblog[11072]: addr 86.49.239.233 listed by domain zen.spamhaus.org as 127.0.0.4 Nov 14 13:28:58 mx postfix/dnsblog[11071]: addr 86.49.239.233 listed by domain bl.mailspike.net as 127.0.0.10 Nov 14 13:29:04 mx postfix/postscreen[11068]: DNSBL rank 9 for [86.49.239.233]:19243 Nov 14 13:29:05 mx postfix/postscreen[11068]: NOQUEUE: reject: RCPT from [86.49.239.233]:19243: 550 5.7.1 Service unavailable; client [86.49.239.233] blocked using Spamhaus; from=<m...@mydomain.com>, to=<m...@mydomain.com>, proto=ESMTP, helo=<ip-86-49-239-233.net.upcbroadband.cz> Nov 14 13:29:05 mx postfix/postscreen[11068]: HANGUP after 0.9 from [86.49.239.233]:19243 in tests after SMTP handshake Nov 14 13:29:05 mx postfix/postscreen[11068]: DISCONNECT [86.49.239.233]:19243
Postscreen is clearly doing its job of fending these off. I'm interested in the expense of that rejection. Its ~always based on a DNSBL rejection. Is it efficient (enough) to check the DNSBLs I've got configured for postscreen? That email is from=<m...@mydomain.com> to=<m...@mydomain.com> Obviously spam. I do have DMARC policy, DKIM & SPF record configured for my domain. Are any of those, or the 'me-to-me' attempt, "cheaper"? If so, is it possible to promote their use in Postscreen? Or is postscreen already at low(est) overhead, and best to leave it as is? I suspect the answer is yes.