On 02/11/16 09:25, Karel wrote:
Hello,
I am using following smtpd_client_restriction:
reject_unknown_client_hostname
Now, both my nameservers were offline, and postfix could not resolve IP
addresses and thus rejected all hosts:
NOQUEUE: reject: RCPT from unknown[x.x.x.x]: 450 4.7.1 Client host
rejected: cannot find your hostname, [x.x.x.x]
I know that unreachable nameservers are a problem of its own, and that
it should not happen. But still, is there anything I can do in Postfix
to mitigate this, should it happen again?
thanks,
Karel
According to documentation
http://www.postfix.org/postconf.5.html#reject_unknown_client_hostname
http://www.postfix.org/postconf.5.html#unknown_client_reject_code
''' The reply is always 450 in case the address->name or name->address
lookup failed due to a temporary problem. '''
So it looks like it is not configurable behavior. As you admit that no
DNS situation is bad on it's own why do you want to accept-by-default
all e-mail instead of deferring it? It makes little sense to me as in
that scenario most of the anti-spam and anti-fraud systems are down
(RBLs, DKIM, DMARC, FCRDNS checks etc) so you will be accepting pretty
much all the garbage that hits you.
I would rather 450 all mail by default if no resolvers are available as
no mail should be lost if you fix that soon enough.
k.