This script retrieves and formats the Spamhaus DROP list for use in postscreen.
Prerequisites:
- use postfix combined with postscreen;
- Perl with LWP::Simple
You could use this in your postfix configuration as follows:
postscreen_access_list = permit_mynetworks, cidr:/etc/postfix/postscreen-access.cidr
postscreen_blacklist_action = drop
and add a crontab to run ie. every 6 hours to update the DROP list and restart postfix for the changes to take effect:
0 */6 * * * /usr/bin/perl /etc/postfix/postscreen-access-update.pl
5 */6 * * * systemctl restart postfix
An updated DROP list can help reduce requests to one or more DNSBL's and reduce load on postfix by dropping these requests before they hit the MTA for further checking.