Thread: Strengthing mail restriction rules in Postfix

Strengthing mail restriction rules in Postfix

From
"Marc G. Fournier"
Date:
Just added a rule to postfix's config file to try and clean up some of the
trash going through the server, namely:

smtpd_helo_restrictions =
    permit_mynetworks,
    reject_unknown_hostname,
    reject_invalid_hostname,
    reject_non_fqdn_hostname,
    permit

smtpd_sender_restrictions =
    permit_mynetworks,
    reject_invalid_hostname,
    reject_unknown_hostname,
    reject_unknown_sender_domain,
    reject_non_fqdn_hostname,
    reject_non_fqdn_sender,
    permit

which are definied as:

#   reject_invalid_hostname: reject HELO hostname with bad syntax.
#   reject_unknown_hostname: reject HELO hostname without DNS A or MX record.
#   reject_non_fqdn_hostname: reject HELO hostname that is not in FQDN form
#   reject_non_fqdn_sender: reject sender address that is not in FQDN form
#   reject_unknown_sender_domain: reject sender domain without A or MX record.

that should weed out some garbage before it gets into the queues ... or
those users with mis-configured servers ... so, if you are legit, and
trying to send an email through that is being rejected, take a look at the
above as potential causes ...


----
Marc G. Fournier           Hub.Org Networking Services (http://www.hub.org)
Email: scrappy@hub.org           Yahoo!: yscrappy              ICQ: 7615664