[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: OT? DNS checks in postfix - best practice, experience

Am 2014-03-06 11:43, schrieb Matus UHLAR - fantomas:
> On 06.03.14 10:42, Jogi Hofmüller wrote:
>> Personally I still think that having a matching IN A and IN PTR record
>> for a mail server *and* use the same name in an EHLO/HELO message is a
>> minimum requirement for a decently configured service.  Still, some
>> admins disagree ...
> just note that requiring the same name in HELO and (fc)rDNS is in a
> violation of the SMTP standard (since it exists).  However I can't find
> this
> requirement in postfix restrictions so this should not be a problem :-)

Thanks for your hint.  I know this is a violation of the standard.
Nevertheless we had this enforced for a while but gave it up.

>>  reject_non_fqdn_sender
>>  reject_non_fqdn_recipient
>>  reject_non_fqdn_helo_hostname
>>  reject_unknown_reverse_client_hostname
>>  reject_unknown_recipient_domain
>>  reject_unknown_sender_domain
> all these should be OK

Thanks for your feedback!

mur.sat -- a space art project                        http://sat.mur.at/

Attachment: signature.asc
Description: OpenPGP digital signature

Reply to: