LuKreme schrieb: > On 22-Jun-2009, at 18:29, mouss wrote: >>> Is there anyway to, if not outright reject anyone whose DNS shows up as >>> unknown to at least tempfail them with a "Ooops, your DNS is not >>> resolving, try back later" or something? > >> if you insist, you could use one of >> >> http://www.postfix.org/postconf.5.html#reject_unknown_reverse_client_hostname >> >> http://www.postfix.org/postconf.5.html#reject_unknown_client_hostname >> >> but use at your own risks. In particular, reject_unknown_client_hostname >> (previously: reject_unknown_client) _will_ block or delay legitimate >> mail. > > Will it block or delay it? Can I set the error code to a tempfail > instead of a outright rejection. Blocking legitimate mail that fails > dns checks is one thing, rejecting it outright is another thing > altogether.
If you took a second to read the supplied link, you would have found http://www.postfix.org/postconf.5.html#unknown_client_reject_code Another option is to use selective greylisting on "unknown" clients: MAIN.CF smtpd_recipient:_restrictions = permit_mynetworks, <...others...>, check_client_access = pcre:/etc/postfix/client_check /etc/postfix/client_check: /^unknown$/ check_policy_service inet:127.0.0.1:10031
