Dustin wrote: > Guys,
> Thanx for the comments... > I think the light is starting to dimly glow above my head! However, if > I add these IP hosts to $mynetworks, wouldn't I then need to create some > type of access map that explicitly denies any sender addresses from the > domains we protect. In other words: > smtpd_sender_restrictions = permit_mynetworks, > hash:/etc/postfix/reject_map > ...where <reject_map> contains: > example.com REJECT > example.org REJECT > etc. > If this is true, then I'm on board with your ideas/plan/approach...if > I'm still off base, forgive my apparent (and utter) ignorance! > Thanx for your patience... > Dustin. Yes, now you understand the concept. The implementation is pretty much just as Ralf has shown it: smtpd_recipient_restrictions = permit_mynetworks reject_unauth_destination check_sender_access hash:/etc/postfix/disallow_my_domain and in hash:/etc/postfix/disallow_my_domain you have: charite.de 554 charite.de sender? But you're not in mynetworks! Note that Postfix uses the envelope sender, so it still will be possible to have a forged From: line in the header if it is different from the envelope sender. For that, I don't see why your meta rule had problems (maybe needs the parentheses, but I have not tested this example). Try something like this: header __FROM_EXAMPLE From ~= /@example\.com/i header __T0_EXAMPLE To ~= /@example\.com/i meta FRGD_SENDER_DOMAIN (__FROM_EXAMPLE && __T0_EXAMPLE) score FRGD_SENDER_DOMAIN 10.0 Gary V ------------------------------------------------------- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642 _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
