|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: How to block a MX without revers DNS is working ?
From: Alexander Grüner (agruener
gmx.de)
Date: Mon Jul 03 2006 - 02:30:36 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi Ralf :-)
Thanks for your answer.
>> In the file blocked_dialin there a entries like:
>>
>> /^p[a-z0-9]{8}\.dip\.t-dialin\.net$/ 554 Please use
>> SMTP relay of your ISP or setup a proper reverse DNS resolution
>
> That's of course absurd, since the HAVE proper reverse DNS resolution
> (otherwise you'd be seeing "unknown" as client hostname!)
OK, maybe my english is not the very best. Proper in the sense of
"angemessen oder sachgerecht" (we are both german), which means no
simple reverse dialin. Problem is M-Net in Munich for example. They give
you a fixed IP but the name is still something like dialin.* . You have
to call them and say - please change it to mail.company.de. I just
copied this error from a page who deals with these dialins... ;-)
>> Now my question: How can I block this email from this MX? Does my
>> restriction only work if reverse DNS works?
>
> Correct. In your case, the client would show up as "unknown".
To block everything with "unknown" and doing a reject_unknown_client is
quite a risk for me. Is there any way in postfix to block this with
check_client_access if only the forward DNS works ? Or any other idea
how to block these dialups from /^.*dhcp.*\.charter.com$/ ?
Regards,
Alexander
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]