Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: mouss (moussml.netoyen.net)
Date: Mon Mar 09 2009 - 17:37:13 CDT
Krishna Murthy a écrit :
> I have reject_unknown_client in my smtpd_recipient_restrictions and
> have 2 questions regarding the working of this option. I looked up the
> documentation, but would love to cross check my understanding with other
> I have noticed that the following scenario results in rejection with
> error -
> 450 4.7.1 Client host rejected: cannot find your hostname
> 1. A host connects to my postfix server from IPAddressA
> 2. IPAddressA has a proper PTR record pointing to HostnameA
> 3. HostnameA has an A record and points to IPAddressB
> 4. IPAddressB does not have a PTR record.
> The above behavior suggests that postfix expects a PTR -> A -> PTR -> A
> mapping. Is my understanding right?
> Or is PTR -> A -> PTR adequate?
IP -> PTR -> A=IP
in case of multiple PTRs, only the first is used. if there is a round
robin, then you should guarantee the match above for all PTRs, or you'll
have a mismatch from time to time.
Multiple A record (last step) are ok.
> 2. If IPAddressA points to HostnameA and HostNameA points to IPAddressB
> ( not to IPAddressA), should that be considered as an unknown_client and
> eligible for rejection?
it's "unknown_client", but this is too aggressive today. you'll have to
wait until the big gorillas (aol, google, ... etc) enforce this.