I recalled that once I successfully amended the config file of postfix (/etc/postfix/main.cf) to require mandatory reverse lookup of connecting IP addresses and if no hostname could be returned, then the connections would be rejected. The directive for this is :
reject_unknown_reverse_client_hostname,
There is yet another more stringent settting
reject_unknown_client_hostname,
which requires not only that the address->name and name->address mappings exist, but also that the two mappings must reproduce the same client IP address. This one must be used with care. My experience is that not many SMTP servers can satisfy the requirements.
No comments:
Post a Comment