Nicol?s:
> Hi,
>
> I have some hardware which I've configured to send e-mails through
> my Postfix server. Unfortunately, this hardware's firmware has
> its' EHLO command hardcoded, not being it an FQDN.
>
> In Postfix, I've configured smtpd_helo_restrictions to
> have?reject_non_fqdn_helo_hostname and I'm pretty happy with it
> so I don't want to remove it, however it makes its' attempts to
> get rejected. Another issue is that it's connections are made from
> a dynamic IP address, so whitelisting its IP address is not an
> option. However, it has a dynamic hostname which updates each time
> it changes (a DynDNS-like host).
Wrap the reject_non_fqdn_helo_hostname inside an access table:
smtpd_mumble_restrictions =
...other stuff...
check_client_access cidr:/etc/postfix/reject_non_fqdn_helo.cidr
...more stuff...
/etc/postfix/reject_non_fqdn_helo.cidr:
# Unlike hash files, cidr files are matched in the order of rules.
# IPv4
1.2.3.4 dunno
0.0.0.0/0 reject_non_fqdn_helo_hostname
# IPv6
1:2::3:4 dunno
::0/0 reject_non_fqdn_helo_hostname
It's a bit clumsy with the CIDR patterns, but hash-based access
maps don't have a wild-card pattern.
Wietse
