LuKreme a écrit : > On 22-Jun-2009, at 18:29, mouss wrote: >>> Is there anyway to, if not outright reject anyone whose DNS shows up as >>> unknown to at least tempfail them with a "Ooops, your DNS is not >>> resolving, try back later" or something? > >> if you insist, you could use one of >> >> http://www.postfix.org/postconf.5.html#reject_unknown_reverse_client_hostname >> >> http://www.postfix.org/postconf.5.html#reject_unknown_client_hostname >> >> but use at your own risks. In particular, reject_unknown_client_hostname >> (previously: reject_unknown_client) _will_ block or delay legitimate >> mail. > > Will it block or delay it? Can I set the error code to a tempfail > instead of a outright rejection. Blocking legitimate mail that fails dns > checks is one thing, rejecting it outright is another thing altogether. > >>> Seems at least half the spam that gets by zen shows up as client=unknown >> >> how much is half of what... > > > I don't understand the question. >
sorry. I meant that, the way it is stated, "at least half of spam" is a meaningless measure. for example, if you use other checks, numbers will change. yes, it is hard to come up with "meaningful" numbers. I do a "multiple levels" stats: ratio of junk blocked by "major" checks, then among what slips, ratio blocked by other checks, and then among what slips, ratio of junk detected by SA, ... etc. I stopped doing global measures.
