On Tue, Jan 12, 2010 at 03:47:57PM -0500, Frank Cusack wrote:
>> Don't use "reject_unknown_client_hostname" indiscriminantly. Do so only
>> for CIDR blocks in which you find a small number of legitimate MTAs in a
>> larger pool of spam sending hosts without valid PTR records.
>
> In my case, I don't have reject_unknown_client_hostname configured.
> Here is my postconf -n, also in my other thread on my problem:
In that case Postfix is completely agnostic about the DNS PTR records.
Now use tcpdump to verify that the client disconnects either before
it sees the 220 banner from Postfix, or just after with no negative
feedback from Postfix.
Far more likely the client's firewall does not properly ECN, or window
scaling or some other modern feature of your TCP stack.
When a client disconnects "after CONNECT", Postfix never saw a HELO/EHLO
from the client, so no real SMTP dialogue took place. This is almost
always TCP/firewall issues, resolved in the same way as with other layer
3/4 issues.
>> Postfix does not by default reject clients with mismatched forward/reverse
>> DNS. Do not enable this feature for all IPs, it is not recomended. With
>> or without multiple PTRs, plenty of valid MTAs have various DNS issues.
>
> It doesn't seem my configuration is doing that? I know I am not
> intentionally doing it, that's for sure. I could care less if PTR matched.
> But that is the distinguishing factor for this host trying to send me
> mail, which is why I latched onto it.
You latched onto a red-herring, it is far wiser to report accurate symptoms
than to speculate about theoretical causes of unreported behaviour.
--
Viktor.
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.
To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:majord...@postfix.org?body=unsubscribe%20postfix-users>
If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.
