On Wed, Feb 04, 2009 at 08:52:45AM -0600, Matthew Hebert wrote:
> smtpd_recipient_restrictions =
> reject_non_fqdn_recipient
> reject_non_fqdn_sender
> reject_unknown_sender_domain
> reject_unknown_recipient_domain
> reject_unverified_recipient
> permit_mynetworks
> check_sender_access hash:/etc/postfix/sender_access
> check_sender_access hash:/etc/postfix/rhsbl_sender_exceptions
Open relay!
> reject_unverified_recipient
> reject_unauth_destination
Move, the sender checks beloe "reject_unauth_destination" or into
smtpd_sender_restrictions.
> reject_unauth_pipelining
> reject_invalid_hostname
> reject_non_fqdn_hostname
> reject_rbl_client sbl-xbl.spamhaus.org
Use zen.spamhaus.org instead, it is far more effective, with negligible
FPs.
> reject_rbl_client list.dsbl.org
This RBL is long dead. Remove it from your configuration.
> reject_rbl_client bl.spamcop.net
> reject_rhsbl_sender dsn.rfc-ignorant.org
Not wise for outright SMTP rejects, too many FPs, and does not directly
address spam. Remove this RBL.
> permit
Make sure you have a correctly configured local DNS cache.
Report your findings after fixing the above.
--
Viktor.
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.
To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:majord...@postfix.org?body=unsubscribe%20postfix-users>
If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.
