Greg Sims: > > A more targeted approach is to use smtp_delivery_status_filter with > > a regexp that targets that exact error message, and that changes a > > 'hard' reject into a soft one. > > > For inspiration to turn hard into soft rejects, see examples at > > http://www.postfixlorg/postconf.5.html#default_delivery_status_filter > > Thank you for your feedback on this Weitse. I have read all the links > you provided. There is a great deal of finger pointing at AT & T. > The general theme is some of the AT & T servers are more picky about > rDNS and the like. > > I was not able to get the "inspiration" link above to work for some > reason. I scanned "man postconf 5" but was not able to find relative > examples.
http://www.postfix.org/postconf.5.html#default_delivery_status_filter There's a bunch of examples to change the status codes for TLS-related errors. There is no need to tell me that TLS is not DNS, and that changing '4' into '5' is not the same as turning '5' into '4'. > I would like to have some feedback on design and best practice if > possible. We have a randmap set of four ips that are sending email > from @devotion.raystedman.org. Should the rDNS associated with these > ips point to raystedman.org or devotion.raystedman.org? I am not > familiar enough with the RFCs to research this. Would it be a > positive change to move rDNS/master.cf from raystedman.org to > devotion.raystedman.org in this scenario? Your setup is fine. AT&T is effed up. Wietse > Thanks again, Greg > www.RayStedman.org > > On Fri, Oct 23, 2020 at 9:49 AM Wietse Venema <wie...@porcupine.org> wrote: > > > > Wietse Venema: > > > The exact message, incluing the name 'alph765' of the cluster with > > > broken reverse DNS: > > > https://forums.att.com/conversations/att-internet-email-security/prodigynet-reverse-dns-lookup-is-broken/5f07b53ac17a063d9bfecdb8 > > > > > > It affects multiple domains hosted at AT&T: > > > https://community.spiceworks.com/topic/2093608-reverse-dns-record-for-email-rejected-by-sbcglobal > > > https://www.netsolinc.com/prodigy-email-issues/ > > > > > > This is what I did when GMAIL was randomly bouncing mail because > > > of some bogus DNS error: > > > > > > /etc/postfix/main.cf: > > > transport_maps = hash:/etc/postfix/transport > > > [... details omitted...] > > > > That was years ago. > > > > A more targeted approach is to use smtp_delivery_status_filter with > > a regexp that targets that exact error message, and that changes a > > 'hard' reject into a soft one. > > > > For inspiration to turn hard into soft rejects, see examples at > > http://www.postfixlorg/postconf.5.html#default_delivery_status_filter > > > > Wietse >
