Halo Noel, On Tue, Aug 3, 2010 at 12:37 AM, Noel Jones <njo...@megan.vbhcs.org> wrote:
> >> >> >> It appear from more investigation this cause is SERVFAIL >> always send 4xx, can postifx override to 5xx with setting for >> SERVFAIL ? >> > > Why in the world would you want to 5xx reject on temporary errors? Postfix > would be insane to offer such an option. You will lose legit mail anytime > there is a DNS hiccup. > > Because in some case it is better to tell sender " there is problem" now, not them think mail delivered and 5 day later find out it not. We know the risk, have done this with all our sendmail farm for many many year with only one ever problem We trust our multiple DNS, but accept cant trust senders. > If you don't care about losing legit mail, you can use a > check_client_access table and reject clients named "unknown", sorry for english but I think you mean ; unknown 571 We cannot accept your mails for no known DNS I not see "unknown" as special keyword but for lack of knowledge are try now. or use an external policy service. > http://www.postfix.org/SMTPD_POLICY_README.html > > We thought use milter-regex, but this mean full duplicate all whitelist since postfix not work like sendmail and honor access list in class, we try check_client_access now to see if work well under recipient check, since we want to whitelist some no PTR in earlier check we think not to put in client or sender restrictions group. Thaks for advice.
