On Tue, Mar 10, 2009 at 02:28:00PM -0600, LuKreme wrote:
> On 10-Mar-2009, at 09:59, Linux Addict wrote:
>> smtpd_recipient_restrictions =
>> reject_non_fqdn_sender,
>> reject_non_fqdn_recipient,
>> reject_unknown_sender_domain,
>> reject_unknown_recipient_domain,
>
> I have reject_invalid_hostname here as well (before permit_mynetworks)
This is unwise, SASL authenticated MUAs can easily have bogus HELO names.
>> permit_mynetworks,
>> permit_sasl_authenticated,
>> reject_unauth_destination,
>> reject_unlisted_recipient,
>
> I have reject_unlisted_sender instead, followed by:
It is reasonable to reject unknown recipients early, this is a cheap check,
and your spam stats are much more accurate when you only count mail to
real recipients.
>
>> reject_unknown_reverse_client_hostname
>
> You might want reject_unknown_client_hostname instead.
No, too aggressive.
>> reject_rbl_client zen.spamhaus.org,
>> reject_rbl_client bl.spamcop.net,
>
> I would be very very careful about using spamcop if you are accepting mail
> for others.
>From all reports, it is pretty safe these days.
--
Viktor.
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.
To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:majord...@postfix.org?body=unsubscribe%20postfix-users>
If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.
