Im Auftrag von Matthew Hall
> Hello,
>
> I ran into a bit of an issue trying out fqrdns.pcre as recommended
> here in this thread. The header in the file recommended adding it into
> smtpd_client_restrictions. However if I place it there, I end up
> rejecting mail even from SASL authenticated client devices, if they
> also match a rule in fqrdns.pcre.
Put all your restriction in smtpd_recipient_restrictions
Do fqrdns.pcre after permit_sasl_authenticated and your Users can send
No restriction in all the other smtpd_*_restrictions
Only in smtpd_data_restrictions = reject_multi_recipient_bounce,
reject_unauth_pipelining
>
> Is it acceptable to put it into smtpd_relay_restrictions instead? I am
> worried if I do this, it would not be able to prevent these bad hosts
> from sending mail directly to my domain (non-relay), which kind of
> defeats the purpose of using it for botnet protection.
>
> I have some dynamic clients, and I don't know what subnet they'll be
> on since they're mobile devices with an IP from the mobile provider,
> so whitelisting isn't going to work very well if they roam somewhere
> surprising, like a different unexpected provider.
>
> Thanks,
> Matthew.
Mit freundlichen Grüßen
Uwe Drießen
--
Software & Computer
Uwe Drießen
Lembergstraße 33
67824 Feilbingert
Tel.: 06708660045
