On 6/28/17 1:32 PM, Wietse Venema wrote:
I suggest that you look at Postfix features that focus on 'unknown'
client names:
http://www.postfix.org/postconf.5.html#reject_unknown_client_hostname
http://www.postfix.org/postconf.5.html#reject_unknown_reverse_client_hostname
These descriptions also discuss permanent versus temporary errors.
Wietse
Thank you for your reply.
I use the first restriction in my setup, but was surprised whenever a
check_client_access entry I added for a vendor's mail server (with an
'OK' result) still resulted in mail being rejected from that server's
"client name".
It was only after I turned to Google and searched the lists here that I
found the answer. Both yours and Viktor's answers made sense, I just
didn't encounter it in the documentation (not that explicit anyway).
Is your answer a combination of multiple points, or is this statement
covered in more detail somewhere?
> For security reasons Postfix does not allow you to whitelist a
client hostname with incorrect PTR/A DNS records
Thank you for your time and my apologies if I'm unclear.
