On Sunday 20 March 2005 11:18 pm, Jeffrey L. Taylor wrote:
Quoting Ken Schneider <suse-list@bout-tyme.net>:
Anyone know how to block emails such as the following:
Mar 20 21:01:19 pc1 postfix/smtpd[8376]: connect from unknown[85.95.64.210] Mar 20 21:01:21 pc1 postfix/smtpd[8376]: 65F9CC6F2AD: client=unknown[85.95.64.210]
The connect from unknown is what I want blocked, not necessarily this address (although I have blocked this subnet).
Doing this will lose legitimate mail. I have been running my own mail server for three years and am surprised at how many badly configured servers there are out there. Even for big tech companies.
You mean this "may" lose legitimite email, not it "will". I've blocked unresolvable hosts at home for better than 5 years, and have not missed anything. By that I mean that I've received all email that was expected, and have not received any letters or phone calls informing me of rejected email (either destined to me, or to one of the users there). :) The same thing applies at work, but for just under 5 years.
I suggest you add warn_if_reject before the reject_unknown_hostname at first. If after a month, it hasn't had a false positive, then make it real. Below is what I use.
warn_if_reject reject_unknown_recipient_domain,
Why would you ever have to warn about rejecting unknown recipient domains? Did you expect to receive mail to domains that your mail server couldn't resolve, or send mail to similarly unresolvable domains? :) BTW, you could save a couple of lines in your rules by removing the "permit" as the last rule. It's redundant. --Danny