On 7/7/2011 7:37 PM, Steve Jenkins wrote: > I'm currently using Stan's pcre file with check_client_access. But > even after re-reading this while thread and that doc link, I can't > tell whether I should keep it as-is or switch to > check_reverse_client_hostname_access. > > SteveJ
Yes, absolutely use the fqrdns list with check_reverse_client_hostname_access if your postfix version supports that parameter. Requires postfix 2.6 and later. The advantage is that some sites postfix labels as "unknown" have an unverified hostname that matches the list; these hosts are no more likely to be false positives than other entries in the list (arguably less likely, since they don't have matching DNS). There is no disadvantage. -- Noel Jones
