How to block an MX when reverse DNS isn't working?

From: Alexander Grüner (agruenergmx.de)
Date: Mon Jul 03 2006 - 01:11:39 CDT


Hello :-)

I have set up a huge list of dialups (blocked_dialin) which I reject on
my postfix.

main.cf:

....
smtpd_client_restrictions =
         check_client_access hash:/etc/postfix/blocked_ip,
         check_client_access regexp:/etc/postfix/blocked_dialin,
.....

In the file blocked_dialin there are entries like:

/^p[a-z0-9]{8}\.dip\.t-dialin\.net$/ 554 Please use SMTP relay of your ISP or setup a proper reverse DNS resolution
/^p[a-z0-9]{8}\.dip[0-9]{0,1}\.t-ipconnect\.de$/ 554 Please use SMTP relay of your ISP or setup a proper reverse DNS resolution

And also this one:

/^.*dhcp.*\.charter\.com$/ 554 Please use SMTP relay of your ISP or setup a proper reverse DNS resolution

Normally it works really fine:

Jul 3 06:30:07 ns3 postfix/smtpd[23859]: connect from
p5084fe9f.dip.t-dialin.net[80.132.254.159]
Jul 3 06:30:07 ns3 postfix/smtpd[23859]: NOQUEUE: reject: RCPT from
p5084fe9f.dip.t-dialin.net[80.132.254.159]: 554
<p5084fe9f.dip.t-dialin.net[80.132.254.159]>: Client host rejected:
Please use SMTP relay of your ISP or setup a proper reverse DNS
resolution; from=<Rowenabetsyearthlink.net> to=<aszegiexample.com>
proto=ESMTP helo=<ZUHAUSE-9D45CC3>

I would now expect that this mail would also be blocked, but there seems
to be something about DNS which I do not understand (yet):

Jul 2 22:26:44 ns3 postfix/smtpd[20674]: warning: smtpd_peer_init:
71.15.125.33: hostname 71-15-125-33.dhcp.ftwo.tx.charter.com
verification failed: Name or service not known
Jul 2 22:26:44 ns3 postfix/smtpd[20674]: connect from unknown[71.15.125.33]
Jul 2 22:26:44 ns3 postfix/smtpd[20660]: warning: smtpd_peer_init:
71.15.125.33: hostname 71-15-125-33.dhcp.ftwo.tx.charter.com
verification failed: Name or service not known
Jul 2 22:26:44 ns3 postfix/smtpd[20660]: connect from unknown[71.15.125.33]
Jul 2 22:26:45 ns3 postfix/smtpd[20674]: 366E81B31D:
client=unknown[71.15.125.33]
Jul 2 22:26:45 ns3 postfix/smtpd[20660]: 38BB92807F:
client=unknown[71.15.125.33]
Jul 2 22:26:47 ns3 postfix/cleanup[20721]: 366E81B31D:
message-id=<001b01c69e15$d515430d$aed70f47kcel.krtrz>
Jul 2 22:26:47 ns3 postfix/cleanup[20722]: 38BB92807F:
message-id=<001b01c69e15$d517b40d$76760f47mf.sozyst>
Jul 2 22:26:48 ns3 postfix/qmgr[20033]: 366E81B31D:
from=<gmtctxazicorp.com>, size=38908, nrcpt=1 (queue active)
Jul 2 22:26:49 ns3 postfix/smtpd[20674]: disconnect from
unknown[71.15.125.33]
....

My nslookup shows:

nslookup 71.15.125.33
...
Non-authoritative answer:
33.125.15.71.in-addr.arpa name =
71-15-125-33.dhcp.ftwo.tx.charter.com.

OK, the same is in the logfile.

But reverse seems to be bad:

nslookup 71-15-125-33.dhcp.ftwo.tx.charter.com
...
** server can't find 71-15-125-33.dhcp.ftwo.tx.charter.com: NXDOMAIN

Now my question: How can I block this email from this MX? Does my
restriction only work if reverse DNS works? Or is there another point I
do not see yet? Sorry if I missed something in the documentation...

I am using postfix-2.1.5-3.4 on SuSE Linux 9.2.

Thank you & regards,
Alexander
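The behaviour visible in the log above, as an added simulation that is not part of the original post: Postfix only adopts the PTR name as the client hostname after verifying that the name resolves back to the connecting address. When that forward lookup fails (the `hostname ... verification failed` warning), the client name becomes `unknown`, and that is the string `check_client_access` then matches, so a hostname regexp never gets to see `...dhcp.ftwo.tx.charter.com`. The script below reproduces this with constructed PTR/A data standing in for the nslookup results, parses the posted blocked_dialin entries as a Postfix-style regexp table, and shows the effect of putting `reject_unknown_client` (the Postfix 2.1 name of what later became `reject_unknown_client_hostname`) in front of the access checks. The DNS tables, the function names and the simplified table parser are the example's own assumptions, not Postfix code.

```python
import re

# Constructed DNS data standing in for the poster's nslookup output:
# both addresses have a PTR, but the charter.com name has no A record
# (forward lookup answers NXDOMAIN), exactly the case in the log.
PTR = {
    "80.132.254.159": "p5084fe9f.dip.t-dialin.net",
    "71.15.125.33": "71-15-125-33.dhcp.ftwo.tx.charter.com",
}
A = {
    "p5084fe9f.dip.t-dialin.net": ["80.132.254.159"],
    # intentionally no entry for 71-15-125-33.dhcp.ftwo.tx.charter.com
}

# The posted blocked_dialin entries, one "/pattern/ action" per line.
BLOCKED_DIALIN = r"""
/^p[a-z0-9]{8}\.dip\.t-dialin\.net$/ 554 Please use SMTP relay of your ISP or setup a proper reverse DNS resolution
/^p[a-z0-9]{8}\.dip[0-9]{0,1}\.t-ipconnect\.de$/ 554 Please use SMTP relay of your ISP or setup a proper reverse DNS resolution
/^.*dhcp.*\.charter\.com$/ 554 Please use SMTP relay of your ISP or setup a proper reverse DNS resolution
"""


def parse_regexp_table(text):
    """Parse '/pattern/[flags] action' lines. Simplified: Postfix matches
    case-insensitively unless the 'i' flag toggles that off; IF/ENDIF and
    line continuation are not implemented here."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = re.match(r"^/((?:[^/\\]|\\.)*)/(i?)\s+(.*)$", line)
        if not m:
            raise ValueError(f"bad regexp table line: {line!r}")
        flags = 0 if "i" in m.group(2) else re.IGNORECASE
        rules.append((re.compile(m.group(1), flags), m.group(3)))
    return rules


def resolve_client_name(ip):
    """Mimic smtpd_peer_init: look up the PTR, then require that the name
    resolves back to the connecting address; otherwise the client name
    is the literal string 'unknown' (the 'connect from unknown[...]' line)."""
    name = PTR.get(ip)
    if name is None:
        return "unknown"
    if ip not in A.get(name, []):
        return "unknown"  # "hostname ... verification failed"
    return name


def check_client_access(rules, ip):
    """check_client_access with a regexp table: the lookup keys are the
    verified client hostname and the client IP address string."""
    name = resolve_client_name(ip)
    for key in (name, ip):
        for pattern, action in rules:
            if pattern.search(key):
                return f"REJECT {action}"
    return "DUNNO"


def smtpd_client_restrictions(rules, ip, reject_unknown_client=False):
    """Evaluate the posted restriction list, optionally with
    reject_unknown_client placed before the access-table check.
    450 is Postfix's default unknown_client_reject_code."""
    if reject_unknown_client and resolve_client_name(ip) == "unknown":
        return "REJECT 450 Client host rejected: cannot find your hostname"
    return check_client_access(rules, ip)


def would_match_if_verified(rules, ip):
    """Show that the PTR name itself does match the table; the regexp is
    not the problem, the 'unknown' substitution is."""
    name = PTR.get(ip, "unknown")
    return any(p.search(name) for p, _ in rules)


if __name__ == "__main__":
    table = parse_regexp_table(BLOCKED_DIALIN)
    for client in ("80.132.254.159", "71.15.125.33"):
        print(client, "->", resolve_client_name(client))
        print("  access table only :", smtpd_client_restrictions(table, client))
        print("  + reject_unknown  :", smtpd_client_restrictions(table, client, True))
        print("  PTR name matches? :", would_match_if_verified(table, client))
```

Running it shows the t-dialin client rejected with the 554 text from the table, while the charter.com client is evaluated as `unknown` and passes the regexp table untouched; only the extra `reject_unknown_client` step rejects it, which is the mechanism Postfix offers for clients whose PTR name does not resolve back to their address.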