On 2011-08-02 21:59, Bruno Costacurta wrote:
Hello,
in my logs files there are messages 'connect from unknown[here an IP
address]'.
Can this be considered be as probable spam ?
No.
It merely means that the machine connecting does not have forward
confirmed reverse DNS (FCrDNS) entries.
This occurs with home-based mail servers (who often cannot set their own
PTR record), but even with larger company mail servers, where a pool of
MXes don't all have their own hostname and/or IP.
And especially can Posfix blocked such connection ?
Certainly.
I tried to add the following :
smtpd_sender_restrictions =
reject_unknown_sender_domain
Ýou mean *client*.
smtp_client_restrictions = reject_unknown_client_hostname
NOTE that this is a very heavy restriction and will cause many, many
false positives.
Instead, use the milder (but equally effective)
smtp_client_restrictions = reject_unknown_reverse_client_hostname
This will reject all clients that do not have a PTR entry for their IP.
See http://www.postfix.org/postconf.5.html#smtpd_client_restrictions for
the full list.
--
J.
