mouss pisze:
reject_unknown_helo_hostname would indeed be too aggressive. but you could use restriction classes and only call it if the sender is null (<>). or you could run aggressive checks if the client has a "generic" reverse dns. or in this particular case, simply reject *.rev.dynxnet.com with a check_client_access: rev.dynxnet.com REJECT blah blah .rev.dynxnet.com REJECT blah blah
If I'll have any trouble with reject_unknown_helo_hostname sitewide I'll change it according to information above. For now I'll have some time to think over BATV (full-blown or "poorman" versions) - each simplified solution has some disadvantages which on first sight are not good at my site (ex. changing submission port means to me reconfiguration of over 100 standalone PCs...).
Thank you for all support Regards Pawel Lesniak
