On Wed, September 18, 2013 1:40 pm, Viktor Dukhovni wrote:
Viktor, thanks
>> hash:/etc/postfix/recipient_no_checks,
> Is your address subject to checks?
oooops... I OK'ed myself in there...
>> reject_non_fqdn_sender, reject_non_fqdn_recipient,
>> reject_invalid_hostname, reject_non_fqdn_hostname,
>
> This should have blocked the example message, but did not. Why?
sorry, I should've checked the 'no check' first...sorry
updated, postmaped, reloaded
so, my presence in "recipient_no_checks", that would also exempt me from
policyd greylist, yes ?
(couldn't see any triplets at all for my address in policyd db)
(more sheepish grin)
so, should I still implement the below suggestions ?
thanks again
> You could try:
>
>
> main.cf:
> # Preferred RE map type:
> RE = pcre:${config_directory}/
>
>
> # HELO restrictions for remote clients
> smtpd_helo_required = yes smtpd_helo_restrictions = permit_mynetworks,
> permit_sasl_authenticated, check_helo_access ${RE}helo.re
>
> helo.re # Clients with non-fqdn HELO names MUST have working FCrDNS
> /^[^.]*$/ reject_unknown_client_hostname
>
>
