From: Greg Hackney (hackneycincomail.com)
Date: Fri Oct 27 2006 - 13:07:12 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Charles Gregory wrote:
> Question: I tried adding 'reject_unknown_hostname' and expected that I
> would reject all those clients that come up as 'unknown'. And that works,
> just like this, and I'm happy with it:
>
> Oct 27 13:14:13 king postfix/smtpd[16575]: reject: RCPT from
> unknown[217.130.44.197]:
> 450 <din-197-44-130-217.ipcom.comunitel.net>:
> Helo command rejected: Host not found;
> from=<dlkimdsperformancefootwear.net> to=<dummyhwcn.org>
>
> BUT I also go *this* reject:
>
> Oct 27 13:13:41 king postfix/smtpd[9876]: reject: RCPT from
> mxsmfpool02.ebay.com [66.135.209.199]:
> 450 <mx4.smf.ebay.com>:
> Helo command rejected: Host not found;
> from=<savedsearchesebay.ca> to=<youdontneedtoknowhwcn.org>
>
> Incidentally, this is a legit mail server with a 'helo' name
> that does not resolve properly.
>
> The question: I can see the obvious difference: One says 'unknown' and one
> doesn't. Is there a way to only catch the 'unknown' ones?
>
> Sadly, I'm stuck on Postfix 1.2 so the answer may be beyond my reach.
>

The word "unknown" gets added when the sender system's IP address
can't be reverse resolved to a system name.

The 'reject_unknown_hostname' is matching when the HELO string doesn't
have an MX or A record.

Instead, you might want to use 'reject_unknown_client', which will operate
on the sender's IP address, rather than on the HELO string.

--
Greg

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]