When reject_unknown_client_hostname triggers on an NXDOMAIN it returns a 550 error, which is great. When it triggers because there is no PTR record, it returns a 450 error, which is also great… except.
What I see is servers that connect hundreds of times, getting 450 errors and ignoring them and trying to send their spam again and again and again. I have some IPs that have tried to connect hundreds of times to send a message that is always going to generate a 450 error since the host does not have a PTR record and never will. I have over 10,000 of these failures on an average day. Does anyone have any suggestions? I am thinking about writing a fail2ban action for them that triggers after 5 or 10 attempts with a long ban, but I am not sure that's a good idea. Or should I just stop worrying and figure the amount of resources being used is insignificant?

--
sometimes ascii is the best use of bandwidth...
Tonya Engst
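The fail2ban idea in the post, as an added example that is not part of the original message and is not Postfix's or fail2ban's own code: a small Python script that applies the same match a fail2ban filter would use to a few constructed Postfix smtpd log lines, counts the 450 "cannot find your hostname" rejections per client IP, and lists the addresses that reach an assumed threshold of five attempts. The log lines, the host name `mx`, the addresses (documentation ranges) and the threshold are all assumptions; only the 450 lines count, since the 550 NXDOMAIN rejections are the case the post says already works.

```python
import re
from collections import Counter

# The match a fail2ban filter would carry as its failregex (assumed wording of
# the filter; the log text itself is Postfix's standard reject line).
# fail2ban substitutes its own address pattern for <HOST>; below we substitute
# a named group so the same expression can be run directly from Python.
FAIL2BAN_FAILREGEX = (
    r"NOQUEUE: reject: RCPT from \S+\[<HOST>\]: "
    r"450 4\.7\.1 Client host rejected: cannot find your hostname"
)
REJECT_450 = re.compile(FAIL2BAN_FAILREGEX.replace("<HOST>", r"(?P<ip>[0-9a-fA-F.:]+)"))


def _log_line(ts, ip, status):
    """Build one constructed smtpd rejection line in Postfix's usual log format."""
    return (
        f"Mar  3 {ts} mx postfix/smtpd[2211]: NOQUEUE: reject: RCPT from "
        f"unknown[{ip}]: {status} Client host rejected: cannot find your hostname, "
        f"[{ip}]; from=<a@example.net> to=<b@example.org> proto=ESMTP helo=<mail.example.net>"
    )


# Constructed sample log (not real traffic): one client retries six times after a
# 450, a second client retries twice, and a third gets a 550 for an NXDOMAIN PTR.
SAMPLE_LOG = "\n".join(
    [_log_line(f"10:0{i}:12", "192.0.2.10", "450 4.7.1") for i in range(6)]
    + [
        _log_line("10:07:30", "198.51.100.7", "450 4.7.1"),
        _log_line("10:08:01", "198.51.100.7", "450 4.7.1"),
        _log_line("10:09:45", "203.0.113.5", "550 5.7.1"),
    ]
)


def count_450_retries(log_text):
    """Count, per client IP, the 450 'cannot find your hostname' rejections."""
    counts = Counter()
    for line in log_text.splitlines():
        match = REJECT_450.search(line)
        if match:
            counts[match.group("ip")] += 1
    return counts


def ban_candidates(log_text, threshold=5):
    """Client IPs whose 450 retries reach the threshold (threshold is an assumption)."""
    return sorted(ip for ip, n in count_450_retries(log_text).items() if n >= threshold)


if __name__ == "__main__":
    for ip, n in count_450_retries(SAMPLE_LOG).most_common():
        print(f"{ip}: {n} x 450")
    print("candidates:", ban_candidates(SAMPLE_LOG))
```

In a real jail, fail2ban's own `maxretry`, `findtime` and `bantime` settings take over the counting and the ban length, so the script above is the filter logic made visible rather than something to run alongside fail2ban; running it over a day's mail log is a quick way to see how many distinct clients would actually be banned before committing to a long ban.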