On Tue, Apr 08, 2025 at 09:08:12AM -0400, Phillip Susi via Postfix-users wrote: > I have: > > smtpd_helo_required = yes > smtpd_helo_restrictions = reject_invalid_helo_hostname, > reject_non_fqdn_helo_hostname, > reject_unknown_helo_hostname
I would not recommend the last of these for outright blocking, perhaps a few too many legitimate, but unsophisticated sending systems use EHLO names that don't resolve. > So I was very surprised recently when I started getting spam accepted > that looks like it is giving a non routable literal IP HELO and it isn't > being rejected. How is this getting past the invalid and non fqdn helo > checks? Also it looks like it skipped MAIL FROM. Isn't there a > restriction to block that? Postfix does not know which IPs are "routable", and which not. All IP literals are exempt from the above checks. -- Viktor. _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org