On 2/11/2016 4:59 AM, Karel wrote: > are there any legitimate (non-spam) senders, that would be blocked by > reject_unknown_client_hostname ? >
The reject_unknown_client_hostname restriction is known to reject legitimate non-spam senders. reject_unknown_client_hostname is a very strict test and is known to reject a significant amount of legit mail. It will reject tons of spam, but the amount of good mail rejected is too high for most people. The less strict reject_unknown_reverse_client_hostname checks if the there is a client IP to name mapping, but does not check if that name maps back to the client IP. Very few legit hosts fail this test. This is safe for most sites to use and is an effective part of a multilayer spam defense, and would have blocked the spam message that started this whole thread. You can safely try either or both of these restrictions with "warn_if_reject" and check your logs to see how it would perform for your mail flow without actually rejecting any mail. http://www.postfix.org/postconf.5.html#reject_unknown_client_hostname http://www.postfix.org/postconf.5.html#reject_unknown_reverse_client_hostname http://www.postfix.org/postconf.5.html#warn_if_reject -- Noel Jones