On 10/18/2014 07:01 AM, jason hirsh wrote: > I have about 8 of these over two days all continue to be retired > > I am trying to be pro-active and was just looking if ether was something i > may have hosed on my side
I forgot to ask: what does your DNS entries look like for your mail server? Specifically: A record PTR record MX record(s) Back when I was working for a web hosting company, I insisted that any incoming mail come from a launch point with best practices DNS. My policy filter would return a polite error message and close the connection; this guy might just be rude. My tests: 1. IP address has a PTR record with a FQDN that looks to be statically assigned. This was developed over time, as I learned the patterns. I also has a whitelist of REGEXP patterns. Multiple returns were a no-no. 2. Look-up on FQDN returns an A record with the same IP address. Multiple IP addresses can be returned, but one of them must match the IP address of the incoming connection 3. Look-up of the domain name (tried several variations) returns MX record(s). I allowed for those large groups who split incoming mail from outgoing mail in a server farm -- the idea here is that I didn't accept mail from any endpoint that may not have a postmaster associated with it.
