Slightly OT: Postfix smtpd restrictions
John Wilcock
john at tradoc.fr
Thu Jun 24 13:51:46 IST 2010
Le 24/06/2010 13:57, Jason Ede a écrit :
> This is purely MTA based, but since a lot of users here run postfix...
>
> How have others found *reject_unknown_reverse_client_hostname** *and the
> more harsh *reject_unknown_client_hostname** * in postfix? I’m debating
> implementing them here and wonder if others have found them problematic
> or useful? I thinking they should be good for weeding out spam emails
> and I can’t see that they should catch legitimate senders, but want to
> be sure.
In theory they *shouldn't* catch legit senders, but in practice not
everyone has well-configured rDNS.
Quickly grepping through my recent logs for 'unknown\[' and counting
either 'hold:' or 'reject:' shows that almost exactly 99% of those with
unknown reverse DNS are rejected by other restrictions (primarily
reject_non_fqdn_helo_hostname, reject_unlisted_recipient,
reject_rbl_client zen.spamhaus.org). Of the 1% that aren't rejected,
about a quarter are genuine regular correspondents. It would be possible
to whitelist those regulars, of course, but IMO it wouldn't be worth the
hassle.
John.
--
-- Over 4000 webcams from ski resorts around the world - www.snoweye.com
-- Translate your technical documents and web pages - www.tradoc.fr
More information about the MailScanner
mailing list