On 10/25/2013 1:42 PM, Charles Marcus wrote:
> On 2013-10-25 1:29 PM, Titanus Eramius <tita...@aptget.dk> wrote:
>> Well, if the app is not installed, it might solve the problem. Other
>> than that, I think this is a bit off-topic for Postfix, since it only
>> applys to Apples hand-held devices.
>
> Whether it is iOS specific or not (apparently it is, at least for
> the time being, iOS specific), it also applies to the smtp
> connection to my *postfix* server, so I disagree that it is OT.
>
> Apparently it is not a hoax, so the question remains, for those of
> us who do not have the enterprise tools to lock down iPhones and
> iPads, what is the best/most reliable way to simply block LinkedIn
> from being able to successfully connect to the SMTP server?
>
> --
>
> Best regards,
>
> */Charles/*
I think the question of how to stop authenticated connections from
unwanted clients is reasonably on-topic. The question of how to
block linkedin from scraping your IMAP server is best answered on
your imap software forum.
Basically two choices...
1. block all *.linkedin.com clients BEFORE any
permit_sasl_authenticated statement. This will also have the effect
of blocking all incoming linkedin mail. That may be a little too
strict for some folks, or maybe just fine with others.
Something like:
smtpd_client_restrictions =
check_client_access hash:/etc/postfix/banned_clients
# banned_clients
linkedin.com REJECT mail from LinkedIn not welcome here
2. Use a policy service such as postfwd to reject connections if
{SASL authentication and the client == linkedin}. This will prevent
anyone from sending mail via linkedin, but will still allow the
usual unauthenticated incoming mail.
(well, I suppose firewall their IP range is a third choice... That
suffers from the problem of reliably finding their IP range.)
-- Noel Jones
