1
0
mirror of https://github.com/mail-in-a-box/mailinabox.git synced 2024-12-22 07:17:05 +00:00

add reject_unlisted_recipient before greylisting, fixes #127

This commit is contained in:
Joshua Tauberer 2014-08-03 00:06:54 +00:00
parent b86656243f
commit 64cb00b9d6

View File

@ -124,9 +124,11 @@ tools/editconf.py /etc/postfix/main.cf \
# reject_non_fqdn_sender: Reject not-nice-looking return paths.
# reject_unknown_sender_domain: Reject return paths with invalid domains.
# reject_rhsbl_sender: Reject return paths that use blacklisted domains.
# permit_sasl_authenticated: Authenticated users (i.e. on port 587).
# permit_mynetworks: Mail that originates locally.
#
# permit_sasl_authenticated: Authenticated users (i.e. on port 587) can skip further checks.
# permit_mynetworks: Mail that originates locally can skip further checks.
# reject_rbl_client: Reject connections from IP addresses blacklisted in zen.spamhaus.org
# reject_unlisted_recipient: Although Postfix will reject mail to unknown recipients, it's nicer to reject such mail ahead of greylisting rather than after.
# check_policy_service: Apply greylisting using postgrey.
#
# Notes:
@ -136,7 +138,7 @@ tools/editconf.py /etc/postfix/main.cf \
# "450 4.7.1 Client host rejected: Service unavailable". This is a retry code, so the mail doesn't properly bounce.
tools/editconf.py /etc/postfix/main.cf \
smtpd_sender_restrictions="reject_non_fqdn_sender,reject_unknown_sender_domain,reject_rhsbl_sender dbl.spamhaus.org" \
smtpd_recipient_restrictions=permit_sasl_authenticated,permit_mynetworks,"reject_rbl_client zen.spamhaus.org","check_policy_service inet:127.0.0.1:10023"
smtpd_recipient_restrictions=permit_sasl_authenticated,permit_mynetworks,"reject_rbl_client zen.spamhaus.org",reject_unlisted_recipient,"check_policy_service inet:127.0.0.1:10023"
# Increase the message size limit from 10MB to 128MB.
tools/editconf.py /etc/postfix/main.cf \