On Jul 27, 2009, at 5:08, Magnus Bäck wrote:
On Monday, July 27, 2009 at 10:56 CEST,
Zbyszek <zbi...@o2.pl> wrote:
I googled everywhere, read how-tos but can not find solution for
simple problem in postfix:
I would like to have such config:
- smtp 25/tcp; only server-server communication, only
mail receive for local domain, no relay, no send, encryption
optional,
SPF, blocking 'servers' having ppp, adsl , dialup in domain name. No
auth because real remote servers always do not know credentials.
- submission 587/tcp;only send; encryption required; client-
>server
- smtps SSL 465/tcp;only send; encryption required; client->server
My problem is:
I do not know how to:
-make postfix only receive mail on port 25 only for local domain.
smtpd_recipient_restrictions = reject_unauth_destination
-block incoming mail from domains containing ppp, dialup or adsl
string in domain name.
I don't think that's a terribly good idea, but anyway:
main.cf:
smtpd_client_restrictions = check_client_access pcre:/path/to/file
/path/to/file:
/(ppp|dialup|adsl)/ REJECT
You can move the check_client_access restriction to any other
smtpd_xxx_restrictions if you want. You probably want to implement a
stricter regexp to avoid collateral damage. Stricter expressions have
been posted here in the past. Finally, this assumes that your Postfix
has PCRE support. If not, replace `pcre' with `regexp'.
Magnus,
I can see why he would want to do that - 99% of the spam I get is from
US-based cable modem- and DSL-hosted systems. My host - earthlink -
recently reconfigured their routers to disallow outbound email that
doesn't go through their servers, and I wish all ISPs would do that.
Thanks for telling us how to do this - I'm going to configure it and
try it out.
Daniel
