Wietse Venema via Postfix-users wrote in <4wk8qr69xlzj...@spike.porcupine.org>: |Steffen Nurpmeso via Postfix-users: |> That looks doable, but it seems to me that i then have to use |> a very high limit which postfix announces via "250-SIZE", and |> reject many (practically all) emails because of size restrictions | |You can suppress the SIZE announcement with | | smtpd_discard_ehlo_keywords = size, silent_discard
Ah, good to know there is a way to do that. And with smtpd_discard_ehlo_keyword_address_maps i can selectively do so, which could be my way to go. (And thankfully there is the # smtpd_discard_ehlo_keyword_address_maps = cidr:/path/to/file # /path/to/file: # 10.0.0.0/24 chunking, silent-discard in the very detailed smtpd_forbid_bare_newline documentation.) To my pity this only allows CIDR not hostnames, and *that* could become *my* use case for SPF, as Google documents how to figure out its IP addresses (dig _spf.google.com TXT, plus digging the same for the given include: directive, currently "v=spf1 include:_netblocks.google.com include:_netblocks2.google.com include:_netblocks3.google.com ~all"). Ok, SPF is useful. |but you'd still have to configure message_size_limit as the maximal |upperbound of the allowed message sizes. I surely want this. ..in this context i reread RFC 9422 "The LIMITS SMTP Service Extension" from this year and saw the enormous S: 250-SIZE 100000000 and All that said, decades of operational experience with the SMTP "SIZE" extension [SIZE], which provides servers with the ability to indicate message size, indicates that such abuse is rare and unlikely to be a significant problem. as well as RFC 3463 "Enhanced Mail System Status Codes", and since 5.XXX.XXX Permanent Failure A permanent failure is one which is not likely to be resolved by resending the message in the current form. Some change to the message or the destination must be made for successful delivery. is "so generic" that i think the approach of not offering SIZE and then failing with a 5. is my way. (But .. how about allowing negative message_size_limit to mean "announce SIZE, but without a value", so that clients (who understand that, mine does not (yet)) get an immediate notion that 5. could mean size limit, instead of only assuming that 5. can mean a size limit, you know.) Thank you, --steffen | |Der Kragenbaer, The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt) _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org