On Tue, Mar 10, 2009 at 02:28:00PM -0600, LuKreme wrote: > On 10-Mar-2009, at 09:59, Linux Addict wrote: >> smtpd_recipient_restrictions = >> reject_non_fqdn_sender, >> reject_non_fqdn_recipient, >> reject_unknown_sender_domain, >> reject_unknown_recipient_domain, > > I have reject_invalid_hostname here as well (before permit_mynetworks)
This is unwise, SASL authenticated MUAs can easily have bogus HELO names. >> permit_mynetworks, >> permit_sasl_authenticated, >> reject_unauth_destination, >> reject_unlisted_recipient, > > I have reject_unlisted_sender instead, followed by: It is reasonable to reject unknown recipients early, this is a cheap check, and your spam stats are much more accurate when you only count mail to real recipients. > >> reject_unknown_reverse_client_hostname > > You might want reject_unknown_client_hostname instead. No, too aggressive. >> reject_rbl_client zen.spamhaus.org, >> reject_rbl_client bl.spamcop.net, > > I would be very very careful about using spamcop if you are accepting mail > for others. >From all reports, it is pretty safe these days. -- Viktor. Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the "Reply-To" header. To unsubscribe from the postfix-users list, visit http://www.postfix.org/lists.html or click the link below: <mailto:majord...@postfix.org?body=unsubscribe%20postfix-users> If my response solves your problem, the best way to thank me is to not send an "it worked, thanks" follow-up. If you must respond, please put "It worked, thanks" in the "Subject" so I can delete these quickly.