Loading ...
Sorry, an error occurred while loading the content.

269032Postscreen update

Expand Messages
  • Wietse Venema
    Sep 13, 2010
    • 0 Attachment
      Postscreen is a single Postfix 2.8 daemon that keeps spambots away
      from Postfix SMTP server processes, so that more Postfix server
      resources remain available for handling mail. It will hopefully
      become part of the next stable Postfix release.

      After adding DNSBL weights and filters two weeks ago, I rewrote
      the remainder of postscreen in the past 1+ week, and spent the past
      several days updating documentation so that people can actually
      use this thing. The re-born postscreen has been running on several
      sites since the beginning of the weekend.

      Postscreen now has a built-in SMTP protocol engine that allows it
      to log the helo/sender/recipient of rejected mail. With a few good
      DNSBL lists, this can dramatically reduce the load on Postfix SMTP
      servers (blocking mail without logging is not an option for everyone).

      One cautionary note: postscreen is meant to handle mail from MTAs
      not end-user clients. Its protocol tests are safe for properly-
      implemented MTAs, but they have not been tested with end-user
      systems. Of course end-user systems should connect to the submission
      port, not the port 25 that postscreen listens on...

      See http://www.porcupine.org/postfix-mirror/POSTSCREEN_README.html
      for an overview, configuration information and more.

      The last code drop was postfix-2.8-20100913, which is the same code
      as snapshot 20100912, but with a bunch of minor documentation fixes.

      Be sure to review the RELEASE_NOTES file if you are upgrading from
      an older postscreen version - the DNSBL implementation now reveals
      the DNSBL domain name in SMTP replies, so it needs to be censored
      to avoid disclosing ZEN etc. passwords.

      Wietse
    • Show all 14 messages in this topic