Re: Rejecting mail from localhost.localdomain
On 2022-06-27 at 09:51:16 UTC-0400 (Mon, 27 Jun 2022 08:51:16 -0500) Rob McGee is rumored to have said: On 2022-06-26 21:23, Alex wrote: Hi, I was surprised to see I received an email with localhost.localdomain as the envelope sender. It was a legitimate email, but not from my This would have been stopped by http://www.postfix.org/postconf.5.html#reject_unknown_sender_domain (unless you have created "localhost.localdomain" as a valid record in your local DNS, which there is no reason to do.) OR: localhost.localdomain is in the /etc/hosts file (as it is by default in some Linux distros) and the system is configured to let hosts file entries override DNS (the usual nsswitch config.) -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not Currently Available For Hire
Re: Rejecting mail from localhost.localdomain
On 2022-06-26 21:23, Alex wrote: Hi, I was surprised to see I received an email with localhost.localdomain as the envelope sender. It was a legitimate email, but not from my This would have been stopped by http://www.postfix.org/postconf.5.html#reject_unknown_sender_domain (unless you have created "localhost.localdomain" as a valid record in your local DNS, which there is no reason to do.) -- http://rob0.nodns4.us/
Re: Rejecting mail from localhost.localdomain
On Sun, Jun 26, 2022 at 10:23:26PM -0400, Alex wrote: > Is it safe to add something like this to my helo_checks.pcre: > > check_helo_access pcre:$config_directory/helo_checks.pcre > /*.localdomain/ REJECT This is a "glob" pattern, it is not a valid PCRE pattern. It also fails to be tail-anchored, and the "." is not literal. Try: /\.localdomain$/REJECT but this does not require a regex at all (and attention to detail with REs sadly seems to be beyond many mortals): check_helo_access ${indexed}helo_checks # See access(5) and the docs for parent_domain_matches_subdomains .localhost REJECT localhost REJECT > check_sender_access pcre:$config_directory/sender_checks.pcre, > > /*.localdomain/ REJECT Ditto. -- Viktor.
Rejecting mail from localhost.localdomain
Hi, I was surprised to see I received an email with localhost.localdomain as the envelope sender. It was a legitimate email, but not from my mail host. Jun 16 16:15:29 armor policyd-spf[55040]: prepend Received-SPF: None (mailfrom) identity=mailfrom; client-ip=50.210.225.242; helo=vw-00301802261d.localdomain; envelope-from=asterisk@localhost.localdomain; receiver= Jun 16 16:15:30 armor postfix-110/qmgr[54319]: 6A2E22000341F: from=, size=1340777, nrcpt=2 (queue active) Is it safe to add something like this to my helo_checks.pcre: smtpd_helo_restrictions = permit_mynetworks check_helo_access ${indexed}helo_checks check_helo_access pcre:$config_directory/helo_checks.pcre permit /*.localdomain/ REJECT and my sender_checks.pcre smtpd_sender_restrictions = permit_mynetworks, check_sender_access ${indexed}sender_checks, check_sender_access pcre:$config_directory/sender_checks.pcre, check_sender_access ${indexed}spamsources, check_sender_ns_access ${indexed}blacklist_ns.cf, reject_unknown_sender_domain /*.localdomain/ REJECT Thanks, Alex