On 1/27/2010 3:37 PM, Curtis H. Wilbar Jr. wrote:
Wietse Venema wrote:
Curtis H. Wilbar Jr.:
Running a Postfix 2.2 server...
The server won't accept u...@somewhereelse.com@ourserver.com
But, it is accepting @somewhereelse.com:u...@ourserver.com
This is historical syntax, and is deprecated.
For compatibility, Postfix accepts the syntax and processes it as
if the client had sent "u...@ourserver.com" instead.
We will be upgrading Postfix soon, but in the meantime, how do I best
block this ?
It is harmless.
I discovered as much... but it is showing up on a PCI scan... and while
I can submit it as a false positive, is there a way to block this syntax
at the RCPT TO phase ?
use a regexp or pcre check_sender_access map. A very basic
example:
# /etc/postfix/sender_access.regexp
/^@/ REJECT invalid recipient
# main.cf
smtpd_sender_restrictions =
check_sender_access regexp:/etc/postfix/sender_access.regexp
-- Noel Jones
