From: donovan jeffrey j (donovanbeth.k12.pa.us)
Date: Thu Aug 12 2010 - 13:07:45 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

greetings

all day long I see tons of reject warnings from different ips sample
reject_warning: RCPT from unknown[65.60.20.157]: 450 Client host rejected: cannot find your hostname, [65.60.20.157];

when I do an nslookup or host that IP it returns a 157.20.60.65.in-addr.arpa domain name pointer sh4.amazingfireman.info

but dig returns nothing so postfix returns a reject warning.
Much of this mail is unwanted , i want to block the majority of these however I do not want to block users that use a colocation site or legit users;

example; i know these people are legit but have no control over their mailserver
reject_warning: RCPT from unknown[209.131.70.106]: 450 Client host rejected: cannot find your hostname, [209.131.70.106]; from=<userdhuy.com>

Non-authoritative answer:
106.70.131.209.in-addr.arpa name = ip70-106-tcpbbs.net.

dig shows nothing for that ip but they do have an mx record under their domain name dhuy.com

;; ANSWER SECTION:
dhuy.com. 1595 IN MX 10 mail.dhuy.com.

Name: mail.dhuy.com
Address: 209.131.70.106

nc1-100:~ drfoo$ host 209.131.70.106
106.70.131.209.in-addr.arpa domain name pointer ip70-106-tcpbbs.net

it goes in a circle.

So in hopes that i can allow them to pass i have added the IP to my smtpd_client_restrictions = permit_mynetworks check_client_access hash:/etc/postfix/access
is that the right approach ?

insight and flames welcome
-j

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]