269047Re: Postscreen update
- Sep 14, 2010On 09/13/2010 10:55 PM, Wietse Venema wrote:
> Postscreen is a single Postfix 2.8 daemon that keeps spambots awayHi Wietse,
> from Postfix SMTP server processes, so that more Postfix server
> resources remain available for handling mail. It will hopefully
> become part of the next stable Postfix release.
> After adding DNSBL weights and filters two weeks ago, I rewrote
> the remainder of postscreen in the past 1+ week, and spent the past
> several days updating documentation so that people can actually
> use this thing. The re-born postscreen has been running on several
> sites since the beginning of the weekend.
> Postscreen now has a built-in SMTP protocol engine that allows it
> to log the helo/sender/recipient of rejected mail. With a few good
> DNSBL lists, this can dramatically reduce the load on Postfix SMTP
> servers (blocking mail without logging is not an option for everyone).
> One cautionary note: postscreen is meant to handle mail from MTAs
> not end-user clients. Its protocol tests are safe for properly-
> implemented MTAs, but they have not been tested with end-user
> systems. Of course end-user systems should connect to the submission
> port, not the port 25 that postscreen listens on...
> See http://www.porcupine.org/postfix-mirror/POSTSCREEN_README.html
> for an overview, configuration information and more.
> The last code drop was postfix-2.8-20100913, which is the same code
> as snapshot 20100912, but with a bunch of minor documentation fixes.
> Be sure to review the RELEASE_NOTES file if you are upgrading from
> an older postscreen version - the DNSBL implementation now reveals
> the DNSBL domain name in SMTP replies, so it needs to be censored
> to avoid disclosing ZEN etc. passwords.
iam currently using the postfix snapshot with the older postscreen
version which was still experimental (the first 2.8 snapshot with
postscreen), in combination with greylisting my spam levels dropped so
low that i can currently not train the content based spamfilter. So is
there a need to update because the release which included postscreen
before is experimental ? I read the readme about deep protocol
inspection and of course i will use it as soon as its needed since i
currently have no spam at all is there a need to upgrade due instability
fixes etc ?
- << Previous post in topic Next post in topic >>