> Not technically a centos question, but a lot of you guys seem to manage > some large systems > and I could use some clarification on a postfix setting.* > > *reject_unknown_client_hostname > (in postfix < 2.3 reject_unknown_client) > > When I first used this there were issues with users trying to send mail > through the server > from hotels, wireless spots, etc. This was solved by pushing up permit > sasl_authenticated. > > I took it out after those issues. I read many online posts from 2008 > saying too many > false positives. (though none were clear if those were incoming mail or > from mail users) > > Do you use reject_unknown_client_hostname? > > Other than someone trying to access the server to send mail through it > as a user I do > not see how this could be a bad setting and am thinking of using it. > A person sending out a mail to the server, even if in that badly set up > hotel wireless > should be using their gmail, yahoo, own server, isp mail servers and > should not > be directly sending from their iphone....is that correct? > > or do you ignore the use of this setting still? > > -thanks for any updates on the use of this setting. Hi, Bob. I do not use this setting, though I do have this in my main.cf: unknown_address_reject_code = 554 unknown_client_reject_code = 554 unknown_hostname_reject_code = 554 I can understand your wanting to use it, but you definitely want/need to keep the "permit_sasl_authenticated" at the top. The idea, as you're no doubt aware, is that if they have a username and password, presumably you're allowing them to relay email, as long as they've authenticated. The iPhone provides that functionality with little effort required to configure. -- Mike Burger http://www.bubbanfriends.org Visit the Dog Pound II BBS telnet://dogpound2.citadel.org http://dogpound2.citadel.org https://dogpound2.citadel.org To be notified of updates to the web site, visit: https://www.bubbanfriends.org/mailman/listinfo/site-update or send a blank email to: site-update-subscribe at bubbanfriends.org