Recently there seems to be some spam campaign that fills my mail.log with "hostname some.hostname.tld does not resolve to address" messages. Lots of them, like from pflogsum summary: Code: smtpd (top 20) (total: 3462) 2967 hostname customer-HMO-82-247.megared.net.mx does not resolve to... 16 hostname 244-172-235-66-in-addr.arpa.tier.net does not resolve ... There is a year old similar thread by @FredZ : https://forum.howtoforge.com/threads/fail2ban-regex-hostname-doesnt-match-ip.87085/#post-423438 Those messages are warnings and looks like at least some of the time the e-mail trying to arrive from that IP is eventually rejected. Has anyone managed to create fail2ban filter to detect those attempts? Any other nifty way to get rid of those not welcome e-mails?
I don't have such a Fail2Ban filter. You might want to post this in one of the public boards so more people can reply
