First page Back Continue Last page Overview Text

Notes:


smtpd_client_restrictions =
permit_mynetworks
permit_sasl_authenticated
warn_if_reject reject_unknown_client
warn_if_reject reject_rbl_client relays.ordb.org
warn_if_reject reject_rbl_client relays.mail-abuse.org
warn_if_reject reject_rbl_client dialups.mail-abuse.org
warn_if_reject reject_rbl_client blackholes.mail-abuse.org
warn_if_reject reject_rbl_client sbl.spamhaus.org
warn_if_reject reject_rbl_client blackholes.easynet.nl
warn_if_reject reject_rbl_client dul.dnsbl.sorbs.net
# warn_if_reject reject_maps_rbl
# check_client_access hash:/etc/postfix/client_access
# FIXME: reject_unknown_client is dangerous, because of bad configured DNS

smtpd_etrn_restrictions =
permit_mynetworks
permit_sasl_authenticated
# not used check_etrn_access hash:/etc/postfix/etrn_access

smtpd_helo_restrictions =
permit_mynetworks
permit_sasl_authenticated
reject_invalid_hostname
check_helo_access hash:/etc/postfix/helo_access
warn_if_reject reject_non_fqdn_hostname
warn_if_reject reject_unknown_hostname
# FIXME: last rule can be dangerous
# check_helo_access pcre:/etc/postfix/helo_access_regex

/etc/postfix/helo_access
# Reject anybody that HELO's as being in our own domain(s)
# (Note that if you followed the order suggested in the main.cf
# examples, above, that machines in mynetworks will be okay.)

fjfi.cvut.cz REJECT You are not in fjfi.cvut.cz

# Somebody HELO'ing with our IP address?
147.32.9.3 REJECT You are not 147.32.9.3
147.32.5.45 REJECT You are not 147.32.5.45
#/147\.32\.9\.([0-9]{1,3})/ REJECT You are not 147.32.9.$1

# Somebody HELO'ing as "localhost?" Impossible, we're "localhost"
localhost REJECT You are not me