On Tue, 2011-04-12 at 16:19:03 -0500, Stan Hoeppner wrote: > Mikael Bak put forth on 4/12/2011 7:31 AM: > > Stan Hoeppner wrote: > > [snip] > >> > >>> Received: from [190.221.28.39] (unknown [190.221.28.39]) > >> > >> In this example, reject_unknown_reverse_client_hostname would have > >> generated a 450 rejection. You should always use > >> reject_unknown_reverse_client_hostname at minimum, or the more > >> restrictive reject_unknown_client_hostname, though this one can cause > >> problems with FPs on occasion. Best to use it with warn_if_reject for a > >> while and monitor what it would have rejected. > >> > >> http://www.postfix.org/postconf.5.html#reject_unknown_client_hostname > >> > >> However, it appears that 190.221.28.39 has rDNS of > >> > >> Name: host39.190-221-28.telmex.net.ar > >> Address: 190.221.28.39 > > > No. The "reject_unknown_reverse_client_hostname" in the above example > > would not have generated a 450 rejection, since the IP address HAS a > > reverse dns hostname. > > Yes, it would have.
Not in this case. > Note the "unknown" in the Received line. The rDNS lookup failed > during the transaction in question, thus this restriction would have > generated a 450 for this transaction. Note the following that I > wrote, due to the fact the host does have rDNS: The 'unknown' in the Received: header is not due to rDNS problems, but more likely because the name->address mapping (still) fails. % dig +short -x 190.221.28.39 host39.190-221-28.telmex.net.ar. ... so rDNS is OK; however: % host host39.190-221-28.telmex.net.ar Host host39.190-221-28.telmex.net.ar not found: 3(NXDOMAIN) > I think you were a bit hasty in your reply, not carefully reading the > information I provided. :-) -- Sahil Tandon <sa...@freebsd.org>
