Re: postscreen: refresh of stored entries?
- Stefan Foerster:
> from /var/log/mail.log:
> Dec 31 01:49:47 nemea postfix/postscreen: PASS OLD 18.104.22.168
> # postmap -q 22.214.171.124 btree:/var/lib/postfix/ps_cache
> # date --date "Dec 31 01:49:47" "+%s"
> # echo $(((1262220587-1262188493)/3600))
Currently the time stamp says when the IP address passed the tests.
> If a client that has passed postscreen in the past connects again,
> should the timestamp stored in $postscreen_cache_map be updated?
If the time stamp is updated without passing a test, then I don't
understand what the time stamp means: something passed a test,
maybe weeks or perhaps months ago?
I also don't understand what the problem is with repeating a test
once after 24 hours.
> legitimate clients, this would avoid a delay and/or DNS lookups
> every $postscreen_cache_retention_time. OTOH, if a non-legitimate
> client somehow gets to use the IP address of a sender previously added
> to the database, we lose our first line of defense. Small gain, big
> potential risk?