LuKreme a écrit :
> On 27-Mar-2009, at 09:57, Ralf Hildebrandt wrote:
>> * LuKreme <krem...@kreme.com>:
>>> On 26-Mar-2009, at 18:06, Sahil Tandon wrote:
>>>> On Thu, 26 Mar 2009, LuKreme wrote:
>>>>
>>>>> I have in my postffix helo checks, perhaps a bad idea,
>>>>>
>>>>> [some checks up here that reject]
>>>>> /^postmaster\@/ OK
>>>>> /^abuse\@/ OK
>>>>
>>>> Why do these email address patterns appear in a HELO access(5) map?
>>>
>>> Because 9 years ago or so it is what I was told to do. On this list,
>>> I'm
>>> pretty sure.
>>
>> In HELO?
>
> Doesn't sound right, does it. Did helo checks used to apply to the
> entire pre-DATA part of the transaction?
>
>
do not confuse smtpd_helo_restrictions and check_helo_access
smtpd_helo_restrictions are a set of checks that can may contain many
checks, including permit_sasl_authenticated,
reject_unknown_sender_domain, ... etc.
check_helo_access is ONE check that looks the HELO/EHLO argument in a
map and applies the decision found in that map.
in short,
check_helo_access whatever
will never do anything with
/^postmaster\@/
except if a silly spammer heloes with "postmas...@something", which I
have never seen (and which is easily blocked by
reject_invalid_helo_hostname anyway).
and by the way, pcre isn't perl. '@' doesn't need to be escaped ('\@'
isn't needed. '@' is ok).
