You could create an "ipset" [1] based on your blacklist. Then you'd use a
single "iptables" [2] rule to block all traffic from ipset "MyBlacklist" to
port 25 (or multiple ports or any port).
This way attacker traffic can't reach the port of Postfix, even without
annoying Postfix with them at all
Wietse, Thanks so much for your quick and helpful response! It's an honor to
talk to you!
So my idea might only work, if I use the LAN IP address (e.g. 10.1.2.3) of the
internal mail server as relay_host.
If Postfix can't connect to 10.1.2.3, it will probably retry mail relaying for
some days,
Hello,
I'd like to install Postfix on our Debian Linux laptops to handle local system
messages / notifications, e.g. from "unattended-upgrades" (like "dnf-automatic"
on RH-based Linuxes) or from failed cron jobs.
In our LAN we have an internal Postfix VM (not accessible from the Internet)
that
Matus and Viktor, thank you for your responses!
I'm trying to add an additional BCC for some mail recipients but not for all.
All mails must go into the archive (always_bcc). This works so far.
But now, for some recipients, I'd like to have an additional BCC. So
recipient_bcc_maps seems to be wha
Hello!
I use the "always_bcc" option to collect all emails for a local email archive.
Can one use recipient_bcc_maps in addition to that?
So I could make emails to "u...@example.org" go into the archive (always_bcc)
and also to another BCC address defined through recipient_bcc_maps?
In the mai