On 2010-09-29 14:33, Juerg Reimann wrote:
Does anybody know whether the Postfix checks
reject_unknown_client_hostname
[aka Reject the request when
1) the client IP address->name mapping fails,
2) the name->address mapping fails,
In these cases it rejects the message with a 450, which is warning
indicating a retry later.
(null route your dns server to test this ;)
3) the name->address mapping does not match the
client IP address]
Then it rejects with afaik a 500, prolly a 5xx. As such the sender will
get a bounce and the sending SMTP server (which is a client in this
case) will have to handle all of that.
follows actually any requirement by a RFC? If so,
which one?
SMTP is one of the least specified protocols concerning security an
checks, it is too old for that, thus nope, no RFC, but there are MAAWG
documents suggesting that one does this.
Note that in general a host which is supposed to be sending mail will
have proper forward/reverse set up and the idea behind this check is
that if the sender can't be bothered to set their mail up correctly why
would the receiver bother to accept it.
Note that the est and most effective method still is to use a scoring
algorithm. Aka: use Spamassassin (or a variety of other such tools)
Greets,
Jeroen