On Thu, 27 Aug 2009, Yeray Gutiérrez Cedrés wrote: > On Thu, Aug 27, 2009 at 4:29 AM, Voytek Eymont<li...@sbt.net.au> wrote: > > > > On Wed, August 26, 2009 5:49 am, ghe wrote: > > > >> I've done this by declaring my own internal domain names: slsware.dmz > >> and .lan in the 192.168 1918 IP block and adding them to mynetworks. Then I > >> just reject all mail from my .com domain by putting "check_helo_access > >> hash:/etc/postfix/helo_checks" very early in the > >> smtpd_recipient_restrictions: > > > >>> # This file has to be "compiled" with postmap > >>> # postmap hash:/etc/postfix/helo_checks ; postfix reload > >>> > >>> > >>> localhost REJECT You are not localhost slsware.com > >>> REJECT No, no, no. > >>> You send *to* slsware.com > >>> .slsware.com REJECT No, no, no. You send *to* slsware.com > > > What if the spammer does the following? > > EHLO mail.otherdomain.com > MAIL FROM: gl...@slsware.com > RCPT TO:per...@slsware.com > > In that case, would the forged email be rejected with check_helo_access?
Of course not. Was that a joke? -- Sahil Tandon <sa...@tandon.net>
