Am 29.04.2013 01:52, schrieb Stan Hoeppner: > On 4/28/2013 9:52 AM, Reindl Harald wrote: >> Am 28.04.2013 14:41, schrieb Wietse Venema: >>> Reindl Harald: >>>> 454: smtpd_relay_restrictions = permit_mynetworks, >>>> permit_sasl_authenticated, defer_unauth_destination >>>> 554: smtpd_relay_restrictions = permit_mynetworks, >>>> permit_sasl_authenticated, reject_unauth_destination >>>> >>>> was the default changed from 2.10-devel to 2.10 final? >>> >>> defer_unauth_destination etc.. is the default safety net for >>> sites that haven't set smtpd_relay_restrictions >> >> ah, i remembered correct it was set by "postfix upgrade-configuration" >> at the bottom of "main.cf", maybe the "safety net" should be the >> same as "postconf -d" which is "reject_unauth_destination"? > > What practical difference do you see between these two reject codes? > The client in this transaction is almost certainly not an MTA. It's > most likely rat/malware, which typically either:
that one is a temporary and the other a permenently error? that i can hardly complain that Apple Inc. is a idiotic company by trying again and again send mails from iPhones without SMTP-Auth even after a hard-error when i randomly answer with a soft error? > And BTW, reject_unknown_reverse_client_hostname would have rejected much > earlier. This IP returns NXDOMAIN. Why aren't you using > reject_unknown_reverse_client_hostname? because it does not matter on a machine which is not MX for any single domain
signature.asc
Description: OpenPGP digital signature
