There are a lot of "hostname ... does not resolve to address ..." in mail.log. Yesterday: Code: Warnings -------- smtpd (total: 1254) 606 hostname 77-105-44-25.adsl-2.sezampro.rs does not resolve to ad... 30 table "mysql:/etc/postfix/mysql-virtual_client.cf": empty query... 14 hostname 174.134.181.60.broad.wz.zj.dynamic.163data.com.cn does... I thought to use fail2ban, banning them for a while. But seems there are no filters I can find to do that. Before writing my own filter, is this banning not a good idea? I assume if it were without bad side effects, fail2ban would already have suitable filter to ban these somewhere.
Do you have something like this in recipient restrictions (or helo restrictions) in postfix main.cf: reject_invalid_hostname,reject_non_fqdn_hostname,reject_unknown_recipient_domain,reject_non_fqdn_recipient,reject_non_fqdn_sender,reject_unknown_sender_domain,reject_unknown_recipient_domain I guess that should help to reject unknown or unresolvable addresses directly in postfix without using fail2ban.
Yes I have. Those mail sending attempts are rejected, but It seemed a good idea to ban repeated attempts in fail2ban so they do not get to postfix anymore.
Not sure I would take the extra step to ban them in f2b, but you can do that of course. I don't have any rules for this at hand though.