I see countless Postscreen rejections of this type
Nov 14 13:28:58 mx postfix/postscreen[11068]: CONNECT from
[86.49.239.233]:19243 to [#.#.#.#]:25
Nov 14 13:28:58 mx postfix/dnsblog[11069]: addr 86.49.239.233 listed by
domain bl.spamcop.net as 127.0.0.2
Nov 14 13:28:58 mx postfix/dnsblog[11072]: addr 86.49.239.233 listed by
domain zen.spamhaus.org as 127.0.0.4
Nov 14 13:28:58 mx postfix/dnsblog[11071]: addr 86.49.239.233 listed by
domain bl.mailspike.net as 127.0.0.10
Nov 14 13:29:04 mx postfix/postscreen[11068]: DNSBL rank 9 for
[86.49.239.233]:19243
Nov 14 13:29:05 mx postfix/postscreen[11068]: NOQUEUE: reject: RCPT
from [86.49.239.233]:19243: 550 5.7.1 Service unavailable; client
[86.49.239.233] blocked using Spamhaus; from=<m...@mydomain.com>,
to=<m...@mydomain.com>, proto=ESMTP, helo=<ip-86-49-239-233.net.upcbroadband.cz>
Nov 14 13:29:05 mx postfix/postscreen[11068]: HANGUP after 0.9 from
[86.49.239.233]:19243 in tests after SMTP handshake
Nov 14 13:29:05 mx postfix/postscreen[11068]: DISCONNECT
[86.49.239.233]:19243
Postscreen is clearly doing its job of fending these off.
I'm interested in the expense of that rejection.
Its ~always based on a DNSBL rejection.
Is it efficient (enough) to check the DNSBLs I've got configured for postscreen?
That email is
from=<m...@mydomain.com>
to=<m...@mydomain.com>
Obviously spam.
I do have DMARC policy, DKIM & SPF record configured for my domain.
Are any of those, or the 'me-to-me' attempt, "cheaper"? If so, is it possible
to promote their use in Postscreen?
Or is postscreen already at low(est) overhead, and best to leave it as is?
I suspect the answer is yes.
