"Jeroen Geilman":
On 1/4/11 8:32 PM, pf at alt-ctrl-del.org wrote:
The only rejects that I get calls or emails about are:
reject_non_fqdn_helo_hostname,
reject_unknown_helo_hostname,
reject_unknown_client_hostname,
Don't blindly use that. It causes a LOT of false positives.
reject_unknown_reverse_client_hostname
That's safer to use.
I only use the tougher ones against null senders and specific tlds, countries
or IP ranges.
If these four rejects had individually configurable error text, it would help a
lot.
Instead of Helo command rejected: Host not found, I could choose to return:
Helo command rejected: Host not found; see example.tld?helo=somedomain.local
What would that tell the sender *admin* that he didn't already know ?
Note that information in SMTP logs and sessions is generally only read by, and therefore only useful to, system
admins.
I'm guessing that if the remote admin knew, we wouldn't have a problem...
The reject text is often also included in the delivery status notification that
gets returned to the sender.
I'm trying to stop the chain of:
Sender calls recipient, recipient calls their tech, recipient's tech calls me... Then I tell them to contact the
sender's admin... Then the sender's admin claims that "everyone" else accepts their email, even though they don't have
any reverse dns, and suggests that I add an exception for their servers.
I would hope that occasionally someone in that chain would notice the url and
read it, saving everyone else's time.
I rarely get "why are you blocking me?" for rbl listed domains, so I'm guessing that those client specific self service
urls do provide some benefit.
