Re: smtpd_reject_unlisted_sender
* Len Conrad lcon...@go2france.com: is this param server-wide, or can it be present in smtpd_*_restrictions ? Settings in smtpd_*_restrictions ARE server-wide. -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebra...@charite.de | http://www.charite.de
Re: smtpd_reject_unlisted_sender
Len Conrad: is this param server-wide, or can it be present in smtpd_*_restrictions ? Use this in smtpd_mumble_restrictions: reject_unlisted_sender Reject the request when the MAIL FROM address is not listed in the list of valid recipients for its domain class. See the smtpd_reject_unlisted_sender parameter description for details. This feature is available in Postfix 2.1 and later. Use this as a main.cf name=value setting, or as -o name=value override in master.cf: smtpd_reject_unlisted_sender (default: no) Request that the Postfix SMTP server rejects mail from unknown sender addresses, even when no explicit reject_unlisted_sender access restriction is specified. This can slow down an explosion of forged mail from worms or viruses. Wietse
Re: smtpd_reject_unlisted_sender
-- Original Message -- From: Wietse Venema wie...@porcupine.org Reply-To: Postfix users postfix-users@postfix.org Date: Thu, 18 Feb 2010 17:21:53 -0500 (EST) Len Conrad: is this param server-wide, or can it be present in smtpd_*_restrictions ? Use this in smtpd_mumble_restrictions: reject_unlisted_sender Reject the request when the MAIL FROM address is not listed in the list of valid recipients for its domain class. See the smtpd_reject_unlisted_sender parameter description for details. This feature is available in Postfix 2.1 and later. Use this as a main.cf name=value setting, or as -o name=value override in master.cf: smtpd_reject_unlisted_sender (default: no) Request that the Postfix SMTP server rejects mail from unknown sender addresses, even when no explicit reject_unlisted_sender access restriction is specified. This can slow down an explosion of forged mail from worms or viruses. Wietse Here's the logic we want: smtpd_recipient_restrictions = . . check_sender_access mysql:/path/3rd_level_sender_domain_class.cf, smtpd_reject_unlisted_sender = yes, reject_unlisted_recipient, . . permit 3rd_level_sender_domain_class = . smtpd_reject_unlisted_sender = no, reject_unlisted_recipient, . permit thanks Len
Re: smtpd_reject_unlisted_sender
On 2/18/2010 4:30 PM, Len Conrad wrote: -- Original Message -- From: Wietse Venemawie...@porcupine.org Reply-To: Postfix userspostfix-users@postfix.org Date: Thu, 18 Feb 2010 17:21:53 -0500 (EST) Len Conrad: is this param server-wide, or can it be present in smtpd_*_restrictions ? Use this in smtpd_mumble_restrictions: reject_unlisted_sender Reject the request when the MAIL FROM address is not listed in the list of valid recipients for its domain class. See the smtpd_reject_unlisted_sender parameter description for details. This feature is available in Postfix 2.1 and later. Use this as a main.cf name=value setting, or as -o name=value override in master.cf: smtpd_reject_unlisted_sender (default: no) Request that the Postfix SMTP server rejects mail from unknown sender addresses, even when no explicit reject_unlisted_sender access restriction is specified. This can slow down an explosion of forged mail from worms or viruses. Wietse Here's the logic we want: smtpd_recipient_restrictions = . . check_sender_access mysql:/path/3rd_level_sender_domain_class.cf, smtpd_reject_unlisted_sender = yes, Use reject_unlisted_sender here. http://www.postfix.org/postconf.5.html#smtpd_sender_restrictions restrictions listed above are also valid in smtpd_recipient_restrictions. http://www.postfix.org/postconf.5.html#reject_unlisted_sender reject_unlisted_recipient, . . permit 3rd_level_sender_domain_class = . smtpd_reject_unlisted_sender = no, For no (default) sender checking, set main.cf smtpd_reject_unlisted_sender = no or just remove that parameter, since no is the default. reject_unlisted_recipient, . permit thanks Len -- Noel Jones