From: Cedric Knight, GreenNet (cedricgn.apc.org)
Date: Tue Feb 12 2008 - 03:48:47 CST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Noel Jones <njonesmegan.vbhcs.org> wrote:
> Cedric Knight, GreenNet wrote:
[...]
> > Is there some way to look up the "reverse_name" in a table,
instead
> > of limiting it to verified hostnames?

>
> Postfix doesn't have a "check_reverse_client_access" lookup
> because unverified hostnames can't be used safely for
> whitelisting.
>
> You can use (or write) a policy server that rejects clients
> based on the reverse hostname. I believe "policyd" has this
> ability, along with many others.
> http://www.postfix.org/SMTPD_POLICY_README.html
> http://www.postfix.org/addon.html#policy
> http://policyd.sourceforge.net/
>
> Or you can patch the source code to add a new lookup type;
> this particular mod looks fairly easy.

Thanks. That makes my options clear. In fact, one of the purposes of
doing this was preventing some connections getting as far as the
policy stage (in this case gps greylisting) and avoiding relatively
CPU-intensive database lookups. Maybe I'll request it as a feature,
but in the meantime I may have to break the banned hostnames down into
IP/24 blocks.

CK

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]