Does reject_non_fqdn_helo_hostname, when placed in the
smtpd_helo_restrictions, permit clients to HELO/EHLO
with a square-bracket enclosed dotted quad IPv4 address?
If so, is the dotted quad checked to see that it properly
represents the actual IP address of the actual current client?
Also, I have just added all of the following to my
smtpd_recipient_restrictions:
reject_rhsbl_reverse_client multi.surbl.org
reject_rhsbl_reverse_client multi.uribl.com
reject_rhsbl_reverse_client dbl.spamhaus.org
reject_rhsbl_sender multi.surbl.org
reject_rhsbl_sender multi.uribl.com
reject_rhsbl_sender dbl.spamhaus.org
reject_rhsbl_helo multi.surbl.org
reject_rhsbl_helo multi.uribl.com
reject_rhsbl_helo dbl.spamhaus.org
For the time being, and mostly just to see how effective these filters
are on their own, I have these listed in my smtpd_recipient_restrictions
*prior to* several subsequent reject_rbl_client clauses. Oddly however,
in spite of the ordering, it is appearing to me as if perhaps the above
RHS filters are either not actually being applied or else are being applied
_after_ the subsequent reject_rbl_client filters. Certainly, some spam
that I believe should have been rejected on the basis of one or another
of the above RHS filters I am instead seeing (in my maillog file) being
rejected instead by one or another of the subsequent reject_rbl_client
filters. What could I be doing wrong?
I am running 2.10.0.
Regards,
rfg
