Re: Rejecting mail from localhost.localdomain
On 2022-06-27 at 09:51:16 UTC-0400 (Mon, 27 Jun 2022 08:51:16 -0500) Rob McGee is rumored to have said: On 2022-06-26 21:23, Alex wrote: Hi, I was surprised to see I received an email with localhost.localdomain as the envelope sender. It was a legitimate email, but not from my This would have been stopped by http://www.postfix.org/postconf.5.html#reject_unknown_sender_domain (unless you have created "localhost.localdomain" as a valid record in your local DNS, which there is no reason to do.) OR: localhost.localdomain is in the /etc/hosts file (as it is by default in some Linux distros) and the system is configured to let hosts file entries override DNS (the usual nsswitch config.) -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not Currently Available For Hire
Re: Rejecting mail from localhost.localdomain
On 2022-06-26 21:23, Alex wrote: Hi, I was surprised to see I received an email with localhost.localdomain as the envelope sender. It was a legitimate email, but not from my This would have been stopped by http://www.postfix.org/postconf.5.html#reject_unknown_sender_domain (unless you have created "localhost.localdomain" as a valid record in your local DNS, which there is no reason to do.) -- http://rob0.nodns4.us/
Re: Rejecting mail from localhost.localdomain
On Sun, Jun 26, 2022 at 10:23:26PM -0400, Alex wrote:
> Is it safe to add something like this to my helo_checks.pcre:
>
> check_helo_access pcre:$config_directory/helo_checks.pcre
> /*.localdomain/ REJECT
This is a "glob" pattern, it is not a valid PCRE pattern. It
also fails to be tail-anchored, and the "." is not literal.
Try:
/\.localdomain$/REJECT
but this does not require a regex at all (and attention to detail with
REs sadly seems to be beyond many mortals):
check_helo_access ${indexed}helo_checks
# See access(5) and the docs for parent_domain_matches_subdomains
.localhost REJECT
localhost REJECT
> check_sender_access pcre:$config_directory/sender_checks.pcre,
>
> /*.localdomain/ REJECT
Ditto.
--
Viktor.
Rejecting mail from localhost.localdomain
Hi,
I was surprised to see I received an email with localhost.localdomain as
the envelope sender. It was a legitimate email, but not from my mail host.
Jun 16 16:15:29 armor policyd-spf[55040]: prepend Received-SPF: None
(mailfrom) identity=mailfrom; client-ip=50.210.225.242;
helo=vw-00301802261d.localdomain;
envelope-from=asterisk@localhost.localdomain; receiver=
Jun 16 16:15:30 armor postfix-110/qmgr[54319]: 6A2E22000341F:
from=, size=1340777, nrcpt=2 (queue active)
Is it safe to add something like this to my helo_checks.pcre:
smtpd_helo_restrictions =
permit_mynetworks
check_helo_access ${indexed}helo_checks
check_helo_access pcre:$config_directory/helo_checks.pcre
permit
/*.localdomain/ REJECT
and my sender_checks.pcre
smtpd_sender_restrictions =
permit_mynetworks,
check_sender_access ${indexed}sender_checks,
check_sender_access pcre:$config_directory/sender_checks.pcre,
check_sender_access ${indexed}spamsources,
check_sender_ns_access ${indexed}blacklist_ns.cf,
reject_unknown_sender_domain
/*.localdomain/ REJECT
Thanks,
Alex
