From: Marshal Newrock (no email)
Date: Tue Oct 01 2002 - 10:59:51 EDT
On Tue, 1 Oct 2002, Stephen Hoover wrote:
> If I add my own domain to the smtpd_sender_restrictions maps, how
> expensive is it to have that check ran on every internal email? We run a
> REAL small email server, so I know we can afford the hit, but that's not
> really what I want to know. I'd like a good estimation of the cost of
> that particular extra check on all internal email.
If you have permit_mynetworks, then internal mail will never see
check_sender_access. On our server, we have simons-rock.edu REJECT in
check_helo_access, which stops spammers who try to claim to be us.
Legitimate mail goes through because permit_mynetworks comes first. For
us, sender access is not restricted, since there might be people sending
mail from off-campus to on-campus legitimately, without first checking
their mail (and thus using pop-before-smtp). You probably don't have that
situation.
I also have everything in smtpd_recipient_restrictions, as is frequently
recommended here, so I can see the exact order in which all the
restrictions are applied.
-- Marshal Newrock, Simon's Rock College of Bard Caution: product may be hot after heating - To unsubscribe, send mail to with content (not subject): unsubscribe postfix-users
|
|
|