On 04/15/2016 05:42 PM, Noel Jones wrote:
On 4/15/2016 4:02 PM, Michael D. Sofka wrote:
I would like to be able to reject the empty envelope-sender, <>, for
authenticated email to our submission and smtps ports. That is, I
want to stop:
235 2.7.0 Authentication successful
mail from:<>
250 2.1.0 Ok
rcpt to:<some...@someplace-not-us.com>
250 2.1.5 Ok
...
It's pretty easy to block the null sender on port 587, and I don't
think that's an unreasonable request. I'll hope/assume you don't
allow AUTH on port 25 since that complicates this.
SMTP-AUTH is allowed on port 25, but it is only available on these
servers on-campus, and restricted to a few, known, server. So this
restriction meets our needs.
All you need to do is add a check_sender_access map to the master.cf
submission service. Simple (incomplete?) example:
# main.cf
submission_sender_checks =
check_sender_access hash:/etc/postfix/reject_null_sender
# master.cf
# existing submission entry
submission ... smtpd
... other options ...
# add sender restrictions
-o smtpd_sender_restrictions=$submission_sender_checks
# reject_null_sender
<> REJECT null sender not allowed
And that works! Thank you!!
Mike
--
Michael D. Sofka sof...@rpi.edu
C&MT Sr. Systems Programmer, Email, TeX, Epistemology
Rensselaer Polytechnic Institute, Troy, NY. http://www.rpi.edu/~sofkam/
