On 10/04/2010 05:49 PM, martin f krafft wrote:
also sprach Noel Jones<njo...@megan.vbhcs.org> [2010.10.04.0507 +0200]:
Lots easier to just use
/^myhostname(\.mydomain)?$/ REJECT don't use my hostname
Thanks to everyone who responded. I am now going the suggested way.
However, it occurs to me that this is something postfix could be
trivially doing itself, e.g.
smtpd_helo_restrictions =
[…]
reject_my_hostname
reject_my_ipaddress
Where, exactly ?
The real client IP ? That can't be trivially spoofed, and so would
actually BE your server.
As for EHLO, IP literals aren't accepted as a matter of course - not in
this day and age.
Personally, I reject all EHLO it it's not FQDN, not a valid hostname, or
corresponds with my own identity.
That pretty much accomplishes what you're talking about, without the
need for additional options.
--
J.
