can you show an example?
postfix log (my contract forbids to put client data here, so masqueraded the real hostnames and IPs):
Mar 6 19:01:41 mail postfix/smtpd[6930]: NOQUEUE: reject: RCPT from www.XXX.hu[X.X.X.X]: 450 4.1.7 <www-d...@www.xxx.hu>: Sender address rejected: unverified address: connect to www.XXX.hu[X.X.X.X]:25: Connection refused; from=<www-d...@www.xxx.hu> to=<valid-em...@local.domain.hu> proto=ESMTP helo=<www.XXX.hu>
www.XXX.hu is a large webhosting service, lot of webpages running on it, some uses contact with our clients, but with valid source e-mail addresses. So firewalling out this IP doesn't help.
Some other webpages got hacked or something, but they sending spam.www.XXX.hu doesn't have an MX record (other clients sending with different e-mail domain, and those are on different comp, which verifiable). Also, port 25 is not open on www.XXX.hu . I would handle this situation with permanent error, not temporary.
If you insist, you can write a policy server to do that. but I don't think this would be a good idea. there are more effective ways to combat spam.
Well i am using a lot of spam filtering mechanisms, around 1% of spam getting through, and around 0.5% of the valid mails gets false positive. I am spending lot of time to monitor log files (several hours a day), and i am just searching ways to get rid of some lines, eg. sending 550 in some situations so the other side gives up trying (and prevents extra rows).
smime.p7s
Description: S/MIME Cryptographic Signature
