I've been having spam come in lately from just IP addresses (not reporting any hostname and no reverse lookup entries).
The zimbra.log shows entries such as this:
I've replaced the email address with just email@domainname. I left the incoming IP as it is.
Feb 2 18:05:57 mail postfix/smtpd: connect from unknown[220.127.116.11]
Feb 2 18:06:00 mail amavis: (07072-18) Checking: NqysLox9Q3J2 [18.104.22.168] <email@domainname> -> <email@domainname>
Feb 2 18:06:00 mail amavis: (07072-18) Passed BAD-HEADER, [22.214.171.124][126.96.36.199] <email@domainname> -> <email@domainname>, quarantine: badh-NqysLox9Q3J2, mail_id: NqysLox9Q3J2, Hits: -, size: 697, queued_as: 658EE685401A,
Zimbra is configured so it requires a FQDN and reverse DNS lookup. It doesn't seem to be taking that into account as it allows the email attempt to go through.
Any hints of what I would need to change to prevent these from going through?