What should the contents of /etc/postfix/access_helo.cidr look like?
I assume in there one should also place RFC1918 addresses? What is the order for this? I mean, if I use an RFC 1918 address for my internal network, and I place all RFC1918 addresses in /etc/postfix/access_helo.cidr, will my internal addresses get rejected? Thanks, .vp > From: mo...@ml.netoyen.net > To: postfix-users@postfix.org > Subject: Re: Stopping domain spoofing spam? > > Gerry Gam a écrit : >> My server is getting a lot of spam that appears to be claiming it's from my >> domain while it's from elsewhere: >> >> Received: >> from my.ip.addr.ess (124-12-9-193.static.tfn.net.tw [124.12.9.193]) > > > reject mail if helo is your IP. > check_helo_access cidr:/etc/postfix/access_helo.cidr > ... > > > > you can also block all mail from .static.tfn.net.tw unless you know you > get legitimate mail from there. > > >> by mydomain.com (Postfix) with SMTP id 56BEC6010B for ; Thu, 17 Sep 2009 >> 02:55:54 -0600 (MDT) >> Received: >> from iedfmwp.yahoo.com (iedfmwp.yahoo.com [179.232.190.108]) by >> with Microsoft SMTPSVC(5.0.2195.6824); Sat, 13 Apr 2002 10:35:17 -0100 >> >> How >> can I block these? I've been reading, searching, and configuring quite >> a bit, but can't figure out how to block these so they're not accepted >> (for relaying?). Here's what I have in Postfix's config: >> >> smtpd_client_restrictions = reject_unknown_client_hostname, >> reject_unauth_pipelining, >> reject_rbl_client zen.spamhaus.org, >> reject_unknown_reverse_client_hostname >> >> smtpd_recipient_restrictions = permit_sasl_authenticated, >> reject_unauth_destination >> >> I also tried changing mynetworks to 127.0.0.1 but that hasn't helped with >> this.
