I'm seeing a lot of messages in my logs like:
2004-02-03 22:20:24 no host name found for IP address 210.212.89.4
2004-02-03 22:20:33 H=(exploratorium.edu) [210.212.89.4]
F=<2us@???>
This is obviously spam attempts and I've been wondering whether to
save some resources locally by defering incoming connections where
the reverse lookup fails. The reasoning being that by defering the
spammers will be fed up and look elsewhere and I drop the connection
very quickly.
To force reverse lookups I've got:
host_lookup = *
and an acl_smtp_connect set up like this:
defer !verify = reverse_host_lookup
accept
.. which does the job for the simple tests I've made on some
connections from my log files.
Can anyone see why this might not be a good idea before I go live
with it? Presumably denying connections rather than defer is
potentially bad in case the DNS times out?
Thanks,
Glenn
p.s. apologies if these are trivial questions, I get very little time
on mail admin.
