Am 24.02.2015 um 19:48 schrieb Adrian Minta:
On 24.02.2015 20:40, Reindl Harald wrote:Am 24.02.2015 um 19:37 schrieb Adrian Minta:On 24.02.2015 20:29, Reindl Harald wrote:don't allow senders which you would not receive mail for - periodSeems interesting, at least until the bots adapt to this. Any idea how could this be implemented?with the configuration i have posted in that thread? for me that was a prerequisite before even consider put my first mailserver setup on a public IP and that's enforced even on any webserver here by shared database tablesUps ... sorry, reject_authenticated_sender_login_mismatch from smtpd_sender_restrictions ofc. I was thinking about not accepting mails from users/ip witch don't do a least one pop3 or imap read before sending
pop-before-smtp was a completly broken idea 15 years ago and is now much more after having a ton of clients behind carrier-grade NAT (mobile devices and all that stuff)
* implement SMTP auth properly * enforce SMTP auth unconditionally * don't allow foreign sender domains if you can't do that 3 things don't run a public mailserver
signature.asc
Description: OpenPGP digital signature
