> You appear to have copied the smtpd executable over the postscreen > executable.
You are right I made the same sort of bad mistake in the set up. Thanks for catching it. I fixed it, and separated the smtpd for postscreen, and named it so I can follow it. So now I see in log Apr 21 13:11:21 tanzer postfix/postscreen2/smtpd[12944]: connect from unknown[46.17.102.31] and Apr 21 13:11:24 tanzer postfix/postscreen2/smtpd[12944]: disconnect from unknown[46.17.102.31] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5 Like before some of the emails "from unknown" get past the postscreen & smtpd part and continue to delivery. > smtpd logs "unknown" when the IP address has no name, or when the name does > not resolve to the remote SMTP client IP address. Okay so the log is acting right, and recording the event. Now I must make and control the decision when it happens for each case. What restriction causes the rejection for each case? So far I am using this in the main.cf file smtpd_client_restrictions = permit_mynetworks reject_unauth_pipelining smtpd_helo_required = yes smtpd_helo_restrictions = permit_mynetworks reject_non_fqdn_helo_hostname reject_invalid_helo_hostname smtpd_sender_restrictions = permit_mynetworks permit_sasl_authenticated permit_tls_clientcerts reject_non_fqdn_sender reject_unknown_sender_domain smtpd_recipient_restrictions = reject_non_fqdn_recipient reject_unauth_pipelining reject_non_fqdn_recipient reject_unknown_recipient_domain permit_sasl_authenticated permit_mynetworks reject_unlisted_recipient I see these in many examples and am now going through them one by one to understand them. I do not think all are needed for me. So I am okay to change them to better ideas.
