On 2018-05-13 10:05, Dominic Raferd wrote:
What do people think about reject_unknown_reverse_client_hostname? I use this presuming it to be safe, and it blocks lots of stuff.
That's what we use, and from what I've seen it is effective, almost all of the senders with no rDNS are from random-looking "From" addresses. Those that aren't, are usually spammy @gmail accounts or mailing lists.
Even though others mentioned there may be legitimate senders with no rDNS, I don't personally care. No rDNS? No mail from you. And in the past 4 years of that policy we have not received a single complaint from any of hundreds of our business clients, that some legitimate mail is not coming through, due to that.
But, for a while I tried running with reject_unknown_client_hostname, and that rejected legitimate mail. IMHO there's no need to demand full ip->name->ip map.
-- Vlad
