> how should that be possible? > the hostname the client pretends? > how could you trust that? > how could you trust any hostname? > there is nothing else trustable than the connecting real IP
No. Not the hostname that client pretends, I am talking about valid DNS A record throuch DNS lookup. > > frankly you must even not make relay decisions based on a > static PTR because i can add any PTR i like in my own DNS > server which is authoritative for my in-addr.arpa zone I am not running my own DNS server. > the same way you can nobody stop make a valid PTR record > you like to see on your side for grant relay permissions I just want to creat and access control system where I will provide the list of valid hostname(FQDN). Postfix will lookup the IP of that FQDN through public DNS and consider that IP as trusted IP.
