On 2018-05-13 10:05, Dominic Raferd wrote:
What do people think about reject_unknown_reverse_client_hostname? I
use this presuming it to be safe, and it blocks lots of stuff.
That's what we use, and from what I've seen it is effective, almost all
of the senders with no rDNS are from random-l
On Sun, 13 May 2018, 04:01 James, wrote:
> >> I use it. I like it. But... real world can/will bite you in the ass:
> >
> > Yes, it can. Note this Received header from *your* message:
> >
> >> Received: from trackivity.com (unknown [IPv6:2607:f0b0:0:205::2])
> >> (using TLSv1 with cipher ADH
I use it. I like it. But... real world can/will bite you in the ass:
Yes, it can. Note this Received header from *your* message:
Received: from trackivity.com (unknown [IPv6:2607:f0b0:0:205::2])
(using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
(No client certificate requested)
On 12 May 2018, at 17:55 (-0400), Thomas Smith wrote:
The documentation[1] and several e-mails here mention that
reject_unknown_client_hostname can reject legitimate e-mails.
What exactly are these scenarios? When do they occur in real life? Are
there really legitimate mail servers that don't
On 12 May 2018, at 18:45 (-0400), James wrote:
The documentation[1] and several e-mails here mention that
reject_unknown_client_hostname can reject legitimate e-mails.
What exactly are these scenarios? When do they occur in real life?
Are there really legitimate mail servers that don't have a
> On May 12, 2018, at 6:45 PM, James wrote:
>
> 1) DNS lookup failures: stuff *does* break occasionally and there *will* be
> minutes/hours when you reject stuff unintentionally,
For the record, when the problem is lost packets, lame delegations,
expired DNSSEC signatures, ... mail will be de
The documentation[1] and several e-mails here mention that
reject_unknown_client_hostname can reject legitimate e-mails.
What exactly are these scenarios? When do they occur in real life? Are
there really legitimate mail servers that don't have a reverse DNS
record that resolves to their IP?
On 2018-05-12 (15:55 MDT), Thomas Smith
wrote:
>
> The documentation[1] and several e-mails here mention that
> reject_unknown_client_hostname can reject legitimate e-mails.
>
> What exactly are these scenarios?
A mail sender doesn't have an A record.
> When do they occur in real life?
Yes.
The documentation[1] and several e-mails here mention that
reject_unknown_client_hostname can reject legitimate e-mails.
What exactly are these scenarios? When do they occur in real life? Are
there really legitimate mail servers that don't have a reverse DNS
record that resolves to their IP?