> This IMGate config works great. I just have a couple of SPAM messages > coming through now. I have noticed that the ones that are coming through > have no HELO hostname. I there a SMTP restriction to block those > messages?
Yes, but you might want to turn it on with warn_if_reject and take a look at your logs first. >From http://www.postfix.org/uce.html : warn_if_reject Change the meaning of the next restriction, so that it logs a warning instead of rejecting a request (look for logfile records that contain "reject_warning"). This is useful for testing new restrictions in a "live" environment without risking unnecessary loss of mail. reject_invalid_hostname Reject the request when the client HELO or EHLO parameter has a bad hostname syntax. The invalid_hostname_reject_code specifies the response code to rejected requests (default: 501). reject_unknown_hostname Reject the request when the hostname in the client HELO (EHLO) command has no DNS A or MX record. The unknown_hostname_reject_code specifies the response code to rejected requests (default: 450). reject_non_fqdn_hostname Reject the request when the hostname in the client HELO (EHLO) command is not in fully-qualified domain form, as required by the RFC. The non_fqdn_reject_code specifies the response code to rejected requests (default: 504). So you could add: warn_if_reject reject_invalid_hostname, warn_if_reject reject_unknown_hostname, warn_if_reject reject_non_fqdn_hostname, in the restrictions list, then parse out the warnings with grep the next day. This will be very good for two reasons. First, you will learn how warn_if_reject works. Second, you will see how overkill the reject_*_hostname settings are without loss of mail. --Eric
