From: Blake Hudson (blakeispn.net)
Date: Fri Sep 01 2006 - 09:35:03 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

o2 - Marcin Wasilewski wrote:
> Hello,
>
> I have a question to all of You who use: reject_non_fqdn_hostname and
> reject_unknown_hostname.
> I get lot of SPAM messages and almost all of them are from host which
> in my mail.log are UNKNOWN, ie:
> connect from unknown[222.181.95.54]
> Sep 1 10:03:42 mymailhost postfix/smtpd[22196]: NOQUEUE: reject: RCPT
> from unknown[222.181.95.54]: 550 <ukaszdmydomainname>: Recipient
> address rejected: User unknown; from=<abelpmoreirahotmail.com>
> to=<ukaszdmydomainname> proto=ESMTP helo=<LENOVO-OEM>
>
> Actually I use:
> smtpd_helo_restrictions =
> permit_mynetworks
> check_helo_access hash:/etc/postfix/db/helo_access
> reject_invalid_hostname
>
> and I would like to enable
> reject_non_fqdn_hostname
> reject_unknown_hostname
>
> but I wonder how many false-positives it gives..
>
> and one more question: I saw in doc that I could use: warn_if_reject,
> but how to correctly place it in my config to see how these two rules
> above will be hit.
>
> Best regards
> Marcin

I would suggest using reject_invalid_hostname, but be sure to place it
after the permit_mynetworks check. Otherwise you will see false
positives with clients that provide hostnames with just the PC name.

I have to agree with Rene that reject_unknown_hostname provides too many
false positives for some environments. You can test for your uses by
using the warn_if_reject. To use warn_if_reject, your helo restrictions
would look like this:

smtpd_helo_restrictions =
       permit_mynetworks
       check_helo_access hash:/etc/postfix/db/helo_access
       reject_invalid_hostname
       warn_if_reject reject_unknown_hostname

-Blake

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]