Home Forums OS X Server and Client Discussion Mail SMTP settings for reverse resolving IPs

Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
    Posts
  • March 24, 2006 at 1:04 pm #365806
    gw1500se
    Participant

    Although it appears there is nothing in the GUI to set it, is there a way to set SMTP to reject email from servers whose IP address cannot be reverse resolved? TIA.

    March 24, 2006 at 5:15 pm #365819
    gw1500se
    Participant

    Thanks for the reply. Who is ‘they’? If you mean Apple, I could use a link as I found nothing on that with my own searches.

    As for what most spammers know, I get at least 100 connections per day that cannot be reverse resolved. Fortunately, blacklists and Spamassassin catch many of them but not enough.

    March 28, 2006 at 1:34 pm #365842
    gw1500se
    Participant

    After a little more research I think I found what I am looking for. There is a postfix config parameter ‘smtpd_client_restrictions=reject_unknown_client_hostname’. Does anyone have experience with this? My main concern is that if I turn this on will all my local mail be rejected from my DHCP users or do I need to put an entry in my DNS zone for them? TIA.

    March 29, 2006 at 6:25 pm #365855
    gw1500se
    Participant

    I tried setting that parameter and it seems postfix does not recognize it. This may be a version issue. I cannot find what version of postfix this is. Does anyone know? Hopefully it is 2.1 or higher. Assuming that is the case does anyone know why postfix does not recognize it? TIA.

    April 4, 2006 at 1:35 pm #365889
    gw1500se
    Participant

    It now appears that Apple’s implementation is not standard or an obsolete version of Postfix. I found that the following works but is not in the postfix.com documentation:
    [code]
    smtpd_helo_required = yes
    smtpd_helo_restrictions = reject_unknown_hostname
    [/code]
    Unfortunately this is the equivalent of the strict restriction in the postfix.com documentation (reject_unknown_client_hostname). The less strict setting (reject_unknown_reverse_client_hostname) does not work nor does what seems logically to the be equivalent Apple setting, reject_unknown_reverse_hostname. And of course that is the setting I need.

    April 4, 2006 at 5:28 pm #365895
    gw1500se
    Participant

    That’s why I need the less strict form. As long as the IP resolves to some name it will eliminate most of the spam that is now slipping by the blacklists and Spamassassin.

  • Author
    Posts
Viewing 6 posts - 1 through 6 (of 6 total)
  • You must be logged in to reply to this topic.

Comments are closed

Copyright © 2025 AFP548. All Rights Reserved.