PGNet Dev:
> I've got a legitimate sender, FedEx, sending expected, automated emails,
> that's got a missing RDNS PTR record on their sending host. For my config,
> Postfix currently rejects is with a 450:
>
> Apr 1 16:22:11 mx postfix/postscreen-internal/smtpd[4947]: NOQUEUE:
> reject: RCPT from pvma00055.prod.fedex.com[204.135.8.96]: 450 4.1.8
> <prvs=799449d577=w...@edc-widmapp.prod.cloud.fedex.com>: Sender address
> rejected: Domain not found;
> from=<prvs=799449d577=w...@edc-widmapp.prod.cloud.fedex.com>
> to=<u...@example.com> proto=ESMTP helo=<mx26.infosec.fedex.com>
>
> I'd like to reject instead with a 550 (or whatever's the appropriate, but
> 'permanent' smtp code) -- but _only_ for FedEx servers in their
> '*.prod.cloud.fedex.com' subdomains; other errant senders/domains should
> still use the 450 default.
>
> I know it's possible; what's the recommended approach here?
> A map of some sort, I'm guessing -- what's the correct restriction to use,
> and syntax for spec'ing the 550 usage?
>
smtpd_mumble_restrictions =
... reject_unauth_destination inline:{fedex.com=OK}
reject_unknown_sender_domain ...
Wietse
