"Buddha" peace themselve that he spent the other day with the attack on the ml
double bouncing for killer a post on our list, a UBE, I said that I had to send an email with my DK DKIM signatures They spoke on TV in the evening, the newspaper that the attack came from france I do not mention the great person company has been hosting French attack my RPS has my key was' down 'for several days Le lundi 10 août 2009 21:03, mouss a écrit : > Robert Schetterer a écrit : > > Hi, > > some nets have > > set their ptr records to localhost > > this causes problems to several mailservers > > i see no problems at mine but > > just asked to clear > > > > dig -x 123.27.178.4 > > > > ; <<>> DiG 9.3.5-P1 <<>> -x 123.27.178.4 > > ;; global options: printcmd > > ;; Got answer: > > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46689 > > ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2 > > > > ;; QUESTION SECTION: > > ;4.178.27.123.in-addr.arpa. IN PTR > > > > ;; ANSWER SECTION: > > 4.178.27.123.in-addr.arpa. 86266 IN PTR localhost. > > > > i only get warnings ( like ever ) > > > > Aug 6 15:04:31 mxback postfix/smtpd[30131]: warning: 123.27.178.4: > > address not listed for hostname localhost > > Aug 6 15:04:31 mxback postfix/smtpd[30131]: connect from > > unknown[123.27.178.4] > > > > > > is this a hard coded match ( ptrs to localhost are resolved unknown? ) > > so i.e reject_unknown_reverse_client_hostname > > will reject it ever ? > > > > after all this was warned by german heise pc magazin > > http://www.heise.de/newsticker/Namens-Trick-oeffnet-Mailserver--/meldung/ > >143123 > > I use somthing like this: > > smtpd_recipient_restrictions = > ... > check_reverse_client_hostname_access ${hash}/access_host > check_helo_access ${hash}/access_host > ... > > to reject things like: > > localhost > unreachable > .localhost > .arpa > .invalid > .inv > .test > .local > .lokaal > .localdomain > .lan > .private > .root > .adsl > .firewall > .speedportw700v > .belkin > .kornet > ... > > > be them found in helo or in the PTR. I also use a pcre version to reject > "." as PTR (among other things).
