On 12.09.10 12:37, Stan Hoeppner wrote: > Ralph, do you restrict submission to only certain public subnets or > do you allow your users/customers to submit from any network?
Submission is allowed for SASL-authenticated users from any network. Fortunately, the number of originating domains is not too large, and I can base header checks on the domain names: /^Received:\s+from\s+\w+\.privatedomain1\.tld\b/ IGNORE /^Received:\s+from\s+\w+\.privatedomain2\.tld\b/ IGNORE Simple as this regular expression is, it seems to match the real life headers encountered during my tests so far. > Could you please provide a full non-obfuscated (except for private > addresses) header from a submission, copy/pasted from an MUA. Received: from machine1.privatedomain1.tld (p57A83EF6.dip.t-dialin.net [87.168.62.246]) by seth.horus-it.com (Postfix) with ESMTPSA id CF4F33343CF for <j...@foo.org>; Sun, 12 Sep 2010 10:33:05 +0200 (CEST) Received: from machine2.privatedomain2.tld (localhost [127.0.0.1]) by machine2.privatedomain2.tld (Postfix) with ESMTPS id 586CA239EF for <j...@bar.net>; Sun, 12 Sep 2010 12:35:32 +0200 (CEST)
