On 2023-02-28 at 06:00:39 UTC-0500 (Tue, 28 Feb 2023 12:00:39 +0100)
Jaroslaw Rafa <r...@rafa.eu.org>
is rumored to have said:
Dnia 28.02.2023 o godz. 10:03:23 Alberto pisze:
I see that almost all attacks do not have a valid FQDN, so I have set
the
"reject_non_fqdn_helo_hostname" directive in
"smtpd_helo_restrictions"
directive, which I see is in a previous phase, to reject it
beforehand.
However, it has no effect. The attacks continue to occur in the same
way,
and are rejected at the same point.
Can you explain to me, why this happens?
Because the default setting in Postfix is smtpd_delay_reject=yes .
That means that all restrictions are evaluated at RCPT TO stage, so
you
cannot cause a reject earlier.
Except, as in this case, when the would-be sender tries an unsupported
command, e.g. AUTH. It's really not feasible to postpone rejection in
those cases.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
