On 03 Mar 2021, at 09:33, Paul Netpresto <[email protected]> wrote:
What is the best way to block MAIL FROM: addresses where the username component
begins with a '$' character. Is this recommended or bad practice?.
On 03.03.21 12:45, @lbutlr wrote:
Why would you want to do that?
The local part of the email address is defined to be either a quoted string
or a dot-atom-text. A dot atom-text is atext with non-repeating '.'
allowed. The allowed characters in atext are:
atext = ALPHA / DIGIT / ; Printable US-ASCII
"!" / "#" / ; characters not including
"$" / "%" / ; specials. Used for atoms.
"&" / "'" /
"*" / "+" /
"-" / "/" /
"=" / "?" /
"^" / "_" /
"`" / "{" /
"|" / "}" /
"~"
So, all alphanumerics and the characters ` ~ ! # $ % ^ & * + - _ = / ? | { }
That said, I don't recall seeing email addresses with # & or % in the local
part.
But you should be able to setup a simple map that rejects them:
csmtpd_helo_restrictions = reject_invalid_helo_hostname
check_helo_access pcre:/etc/postfix/helo_checks.pcre permit
helo_checks.pcre:
/^\$/ REJECT No Funny addresses
you mistook helo string with sender address.
Use smtpd_sender_restrictions and check_sender_access
instead of smtpd_helo_restrictions and check_helo_access
--
Matus UHLAR - fantomas, [email protected] ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
M$ Win's are shit, do not use it !
