Eugene Podshivalov: > Have read through the postscreen documentation closely and got it setup and > running already, but could not find the three major possibilities provided > by the tcp wrappers: > 1. block by hostname > 2. block clients with unknown hostname > 3. block clients with invalid address<->name mapping
Those are implemented by http://www.postfix.org/smtpd.8.html Postscreen does not look up or verify the client hostname. It is the FIRST line of defense; the more expensive checks are done in other programs. In increasing order of cost, that's postscreen, smtpd_mumble_restrictions, header/body_checks, and content inspection with Milter, smtpd_proxy_filter, or FILTER. Wietse
