On Tue, Apr 08, 2025 at 09:08:12AM -0400, Phillip Susi via Postfix-users wrote:
> I have:
>
> smtpd_helo_required = yes
> smtpd_helo_restrictions = reject_invalid_helo_hostname,
> reject_non_fqdn_helo_hostname,
> reject_unknown_helo_hostname
I would not recommend the last of these for outright blocking, perhaps a
few too many legitimate, but unsophisticated sending systems use EHLO
names that don't resolve.
> So I was very surprised recently when I started getting spam accepted
> that looks like it is giving a non routable literal IP HELO and it isn't
> being rejected. How is this getting past the invalid and non fqdn helo
> checks? Also it looks like it skipped MAIL FROM. Isn't there a
> restriction to block that?
Postfix does not know which IPs are "routable", and which not. All
IP literals are exempt from the above checks.
--
Viktor.
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
