Thomas Bohl wrote: > > > > match from mail-from <blocked_senders> reject > > That line doesn't have a for option, so "for local" is implied. > > match from any for any mail-from <blocked_senders> reject > > should do the trick.
Yes it did! Thank you very much. I completely forgot that not specifying for means for local instead of for any. Sometimes it's just the simple things... :) > > > > However, if i use telnet/openssl s_client to connect to the server, I get > > an OK in > > response to MAIL FROM:<t...@simonhoffmann.net> and can state RCPT TO and > > DATA without > > any problems. > > The reject (550 Invalid recipient) will happen after RCPT TO. (Earlier is > only possible with a filter.) That is good and bad. The bad side is that the > error message is "wrong", which makes stuff harder to debug. The good side > of this behaviour is that it signals "Invalid recipient" to an adversary. yeah, w/ regards to the spammers, this might actually not be as bad. :) If I don't like it like that I can still use the filter approach. Thanks! Cheers, Simon
signature.asc
Description: PGP signature