Hi
I have setup a filter that drops bad FCrDNS using:
filter "fcrdns" phase connect match !fcrdns disconnect "550 Bad FCrDNS."
That filter is used by my public listen directive. But I have a particular
server/domain that fails that test - and they won’t configure it properly.
Still I need to receive email from them.
Can I (and how) setup a rule (or condition) that bypasses this check for their
particular domain name or server IP?
I thought it works like this:
table goodip file:/etc/mail/good-ips
filter "bypass" phase connect match src goodip bypass
listen on ... port 25 ... filter { "bypass", "fcrdns" }
But I did some testing and it doesn't work. It's like the table isn't
considered at all. If I write "!src" everyone bypasses fcrdns. Which is
at least consistent.
https://man.openbsd.org/table#Source_tables says:
"Source tables are lists of IPv4 and IPv6 addresses. They can only be
used in the following context:
action name relay src <table>"
..what format is "src <table>" from
https://man.openbsd.org/smtpd.conf#MAIL_FILTERING then?
