On 11/22/2016 4:02 AM, Gerben Wierda wrote: > I was wondering, how many legitimate email (i.e. poorly configured but legit > MTA’s out there) would be blocked with either of these? > > unknown_client_reject_code = 550 # Hmm, should this be another value in the > 5xx range? > smtpd_recipient_restrictions = > …, > reject_unknown_client_hostname > ... > > > unknown_hostname_reject_code = 550 # Hmm, should this be another value in the > 5xx range? > smtpd_helo_restrictions = > …, > reject_unknown_helo_hostname, > … > > I personally suspect that the reject_unknown_client_hostname would block too > much, but the reject_unknown_helo_hostname would be ok. Am I right? > > I’d like to turn this on against spam, but I don’t want to lose legit mail. > > G >
Both these restrictions are known to reject legit mail and should be used with caution. "How much mail" is very subjective. For me, it's not worth the seemingly never ending stream of large and small companies, the occasional tech company, and government agencies that needed to be whitelisted. And virtually all of the mail that would be caught by these rules is rejected by RBLs anyway. That's my experience. Of course, YMMV. If you want to safely test these rules on your mail, put them at the end of your restrictions with "warn if reject" to see how they perform for you. No mail will be rejected, but a warning: will be put in your log. -- Noel Jones
