Hello, I have been using
smtpd_relay_restrictions = ... reject_unknown_reverse_client_hostname warn_if_reject reject_unknown_client_hostname ... for a long while in my configuration, where the warn_if_reject is there because I thought that the more strict check could have blocked some legitimate email. This has only blocked unsolicited email so far, but the other day I placed an order online and the confirmation email was blocked by the first of those rules. I solved adding an check_sender_access hash:/etc/postfix/sender-access and a specific rule for the specific MAIL FROM domain, and the mail came through at the next retry (sending server is well behaved). Grepping through the logs I found a few instances of seemingly legitimate mail delivery attempts with (source and destination addresses are related to services I use) but the sending server never retried after receiving the first 450 answer (email delivery service identifies itself with helo=<engage-mailer.com>). I probably don't want their emails. The question is: am I rejecting legitimate email with those settings? I thought that having correct reverse DNS settings is the only way to deliver mail to the usual suspects big email providers, and thus that all legitimate senders would adhere to the policy. Am I wrong in this assumption? Thanks for sharing your wisdom. Cheers, Daniele
