On 03 Mar 2021, at 09:33, Paul Netpresto <p...@netpresto.co.uk> wrote: What is the best way to block MAIL FROM: addresses where the username component begins with a '$' character. Is this recommended or bad practice?.
On 03.03.21 12:45, @lbutlr wrote:
Why would you want to do that? The local part of the email address is defined to be either a quoted string or a dot-atom-text. A dot atom-text is atext with non-repeating '.' allowed. The allowed characters in atext are: atext = ALPHA / DIGIT / ; Printable US-ASCII "!" / "#" / ; characters not including "$" / "%" / ; specials. Used for atoms. "&" / "'" / "*" / "+" / "-" / "/" / "=" / "?" / "^" / "_" / "`" / "{" / "|" / "}" / "~" So, all alphanumerics and the characters ` ~ ! # $ % ^ & * + - _ = / ? | { } That said, I don't recall seeing email addresses with # & or % in the local part. But you should be able to setup a simple map that rejects them: csmtpd_helo_restrictions = reject_invalid_helo_hostname check_helo_access pcre:/etc/postfix/helo_checks.pcre permit helo_checks.pcre: /^\$/ REJECT No Funny addresses
you mistook helo string with sender address. Use smtpd_sender_restrictions and check_sender_access instead of smtpd_helo_restrictions and check_helo_access -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. M$ Win's are shit, do not use it !