On Nov 26, 2016, at 11:30 AM, E. Recio <emre...@verizon.net> wrote: > On 11/22/2016 10:47 AM, @lbutlr wrote: >> >> reject_unknown_reverse_client_hostname, >> >> but I also use: >> reject_non_fqdn_recipient, >> reject_unknown_sender_domain, >> reject_invalid_hostname,
> Wow, these settings cut down on spam by a lot! My concern is that if someone > is on a private remote NAT network (sending real) example.com (sending real) > 1.2.3.4 but the host behind the 1.2.3.4 NAT is (sending host) example.local > (sending host) 10.1.2.3 and sends email by directly connecting to my postfix > server via 25, would the email get to me? No. A host hiding behind a NAT should never be connecting directly to you, that’s rather the point.
