On 2010-09-29 14:33, Juerg Reimann wrote:
Does anybody know whether the Postfix checks reject_unknown_client_hostname [aka Reject the request when
- the client IP address->name mapping fails,
- the name->address mapping fails,
In these cases it rejects the message with a 450, which is warning indicating a retry later.
(null route your dns server to test this ;)
- the name->address mapping does not match the client IP address]
Then it rejects with afaik a 500, prolly a 5xx. As such the sender will get a bounce and the sending SMTP server (which is a client in this case) will have to handle all of that.
follows actually any requirement by a RFC? If so, which one?
SMTP is one of the least specified protocols concerning security an checks, it is too old for that, thus nope, no RFC, but there are MAAWG documents suggesting that one does this.
Note that in general a host which is supposed to be sending mail will have proper forward/reverse set up and the idea behind this check is that if the sender can't be bothered to set their mail up correctly why would the receiver bother to accept it.
Note that the est and most effective method still is to use a scoring algorithm. Aka: use Spamassassin (or a variety of other such tools)
Greets, Jeroen