Re: real life reasons not to use reject_unknown_client_hostname

On 2018-05-13 10:05, Dominic Raferd wrote: What do people think about reject_unknown_reverse_client_hostname? I use this presuming it to be safe, and it blocks lots of stuff. That's what we use, and from what I've seen it is effective, almost all of the senders with no rDNS are from

Re: real life reasons not to use reject_unknown_client_hostname

On Sun, 13 May 2018, 04:01 James, wrote: > >> I use it. I like it. But... real world can/will bite you in the ass: > > > > Yes, it can. Note this Received header from *your* message: > > > >> Received: from trackivity.com (unknown [IPv6:2607:f0b0:0:205::2]) > >>

Re: real life reasons not to use reject_unknown_client_hostname

I use it.  I like it.  But... real world can/will bite you in the ass: Yes, it can. Note this Received header from *your* message: Received: from trackivity.com (unknown [IPv6:2607:f0b0:0:205::2]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate

Re: real life reasons not to use reject_unknown_client_hostname

On 12 May 2018, at 17:55 (-0400), Thomas Smith wrote: The documentation[1] and several e-mails here mention that reject_unknown_client_hostname can reject legitimate e-mails. What exactly are these scenarios? When do they occur in real life? Are there really legitimate mail servers that

Re: real life reasons not to use reject_unknown_client_hostname

On 12 May 2018, at 18:45 (-0400), James wrote: The documentation[1] and several e-mails here mention that reject_unknown_client_hostname can reject legitimate e-mails. What exactly are these scenarios? When do they occur in real life? Are there really legitimate mail servers that don't have

Re: real life reasons not to use reject_unknown_client_hostname

> On May 12, 2018, at 6:45 PM, James wrote: > > 1) DNS lookup failures: stuff *does* break occasionally and there *will* be > minutes/hours when you reject stuff unintentionally, For the record, when the problem is lost packets, lame delegations, expired

Re: real life reasons not to use reject_unknown_client_hostname

The documentation[1] and several e-mails here mention that reject_unknown_client_hostname can reject legitimate e-mails. What exactly are these scenarios? When do they occur in real life? Are there really legitimate mail servers that don't have a reverse DNS record that resolves to their IP?

Re: real life reasons not to use reject_unknown_client_hostname

On 2018-05-12 (15:55 MDT), Thomas Smith wrote: > > The documentation[1] and several e-mails here mention that > reject_unknown_client_hostname can reject legitimate e-mails. > > What exactly are these scenarios? A mail sender doesn't have an A record. >

real life reasons not to use reject_unknown_client_hostname

The documentation[1] and several e-mails here mention that reject_unknown_client_hostname can reject legitimate e-mails. What exactly are these scenarios? When do they occur in real life? Are there really legitimate mail servers that don't have a reverse DNS record that resolves to their IP?