Am 23.09.2014 um 20:09 schrieb Henry Stack: > On 23-09-2014 12:31, Reindl Harald wrote: >> [...] >> no reason for that: smtpd_data_restrictions = reject_unauth_pipelining > > its goood, the reason is to block clients who speak to early like spammers > for example. > http://www.postfix.org/postconf.5.html#reject_unauth_pipelining > "This stops mail from bulk mail software that improperly uses ESMTP command > pipelining > in order to speed up deliveries."
but nobody needs "smtpd_data_restrictions" for that just add it to "smtpd_recipient_restrictions" if you want to block spammers it's anyways the wrong tool * use port 587 for submission * setup http://www.postfix.org/POSTSCREEN_README.html on port 25 * postscreen_greet_action = enforce * postscreen_greet_wait = ${stress?2}${stress:10} with the above configuration on port 25 a sane client has to wait 10 seconds before he is allowed to talk the first time and only after passed that it has a chance to talk to smtpd at all well, and then you can configure "postscreen_dnsbl_sites" and "postscreen_dnsbl_action = enforce" with a sensible scoring and you are rid of 90% spam at all
signature.asc
Description: OpenPGP digital signature