smtpd_reject_unlisted_sender

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

smtpd_reject_unlisted_sender

Len Conrad
is this param server-wide, or can it be present in smtpd_*_restrictions ?

Len

Reply | Threaded
Open this post in threaded view
|

Re: smtpd_reject_unlisted_sender

Ralf Hildebrandt
* Len Conrad <[hidden email]>:

> is this param server-wide, or can it be present in smtpd_*_restrictions ?

Settings in smtpd_*_restrictions ARE server-wide.

--
Ralf Hildebrandt
  Geschäftsbereich IT | Abteilung Netzwerk
  CharitĂ© - Universitätsmedizin Berlin
  Campus Benjamin Franklin
  Hindenburgdamm 30 | D-12203 Berlin
  Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
  [hidden email] | http://www.charite.de
           
Reply | Threaded
Open this post in threaded view
|

Re: smtpd_reject_unlisted_sender

Wietse Venema
In reply to this post by Len Conrad
Len Conrad:
> is this param server-wide, or can it be present in smtpd_*_restrictions ?

Use this in smtpd_mumble_restrictions:

    reject_unlisted_sender

    Reject the request when the MAIL FROM address is not listed in
    the list of valid recipients for its domain class. See the
    smtpd_reject_unlisted_sender parameter description for details.
    This feature is available in Postfix 2.1 and later.

Use this as a main.cf name=value setting, or as "-o name=value"
override in master.cf:

    smtpd_reject_unlisted_sender (default: no)

    Request that the Postfix SMTP server rejects mail from unknown
    sender addresses, even when no explicit reject_unlisted_sender
    access restriction is specified. This can slow down an explosion
    of forged mail from worms or viruses.

        Wietse

Reply | Threaded
Open this post in threaded view
|

Re: smtpd_reject_unlisted_sender

Len Conrad
In reply to this post by Len Conrad
---------- Original Message ----------------------------------
From: Wietse Venema <[hidden email]>
Reply-To: Postfix users <[hidden email]>
Date:  Thu, 18 Feb 2010 17:21:53 -0500 (EST)

>Len Conrad:
>> is this param server-wide, or can it be present in smtpd_*_restrictions ?
>
>Use this in smtpd_mumble_restrictions:
>
>    reject_unlisted_sender
>
>    Reject the request when the MAIL FROM address is not listed in
>    the list of valid recipients for its domain class. See the
>    smtpd_reject_unlisted_sender parameter description for details.
>    This feature is available in Postfix 2.1 and later.
>
>Use this as a main.cf name=value setting, or as "-o name=value"
>override in master.cf:
>
>    smtpd_reject_unlisted_sender (default: no)
>
>    Request that the Postfix SMTP server rejects mail from unknown
>    sender addresses, even when no explicit reject_unlisted_sender
>    access restriction is specified. This can slow down an explosion
>    of forged mail from worms or viruses.
>
> Wietse

Here's the logic we want:

smtpd_recipient_restrictions =
.
.
 check_sender_access mysql:/path/3rd_level_sender_domain_class.cf,
 smtpd_reject_unlisted_sender = yes,
 reject_unlisted_recipient,  
.
.
permit

3rd_level_sender_domain_class =
.
 smtpd_reject_unlisted_sender = no,
 reject_unlisted_recipient,  
.
permit

thanks
Len

Reply | Threaded
Open this post in threaded view
|

Re: smtpd_reject_unlisted_sender

Noel Jones-2
On 2/18/2010 4:30 PM, Len Conrad wrote:

> ---------- Original Message ----------------------------------
> From: Wietse Venema<[hidden email]>
> Reply-To: Postfix users<[hidden email]>
> Date:  Thu, 18 Feb 2010 17:21:53 -0500 (EST)
>
>> Len Conrad:
>>> is this param server-wide, or can it be present in smtpd_*_restrictions ?
>>
>> Use this in smtpd_mumble_restrictions:
>>
>>     reject_unlisted_sender
>>
>>     Reject the request when the MAIL FROM address is not listed in
>>     the list of valid recipients for its domain class. See the
>>     smtpd_reject_unlisted_sender parameter description for details.
>>     This feature is available in Postfix 2.1 and later.
>>
>> Use this as a main.cf name=value setting, or as "-o name=value"
>> override in master.cf:
>>
>>     smtpd_reject_unlisted_sender (default: no)
>>
>>     Request that the Postfix SMTP server rejects mail from unknown
>>     sender addresses, even when no explicit reject_unlisted_sender
>>     access restriction is specified. This can slow down an explosion
>>     of forged mail from worms or viruses.
>>
>> Wietse
>
> Here's the logic we want:
>
> smtpd_recipient_restrictions =
> .
> .
>   check_sender_access mysql:/path/3rd_level_sender_domain_class.cf,
>   smtpd_reject_unlisted_sender = yes,

Use "reject_unlisted_sender" here.

http://www.postfix.org/postconf.5.html#smtpd_sender_restrictions
restrictions listed above are also valid in
smtpd_recipient_restrictions.
http://www.postfix.org/postconf.5.html#reject_unlisted_sender

>   reject_unlisted_recipient,
> .
> .
> permit
>
> 3rd_level_sender_domain_class =
> .
>   smtpd_reject_unlisted_sender = no,

For no (default) sender checking, set main.cf
smtpd_reject_unlisted_sender = no
or just remove that parameter, since no is the default.


>   reject_unlisted_recipient,
> .
> permit
>
> thanks
> Len
>


   -- Noel Jones