On 20/02/2020 03:39, Bob Proulx wrote:
> I do a slight variation on this that I think is slightly better.
> Instead of pcre tables I use hash tables. Which should be slightly more
> efficient. And won't suffer from common substring matches such as
> hitting by accident on goodkreme.com or otherkreme.com or
> krispykreme.com and so forth. :-)
>
> My /etc/postfix/helo-access file:
> # Reject anybody that HELO's as being in our own domains.
> # Since this occurs after permit_mynetworks this does not
> # reject local clients.
> proulx.com REJECT You are not proulx.com.
I receive quite a few messages claiming to be from "accounts", "helpdesk", or
"personnel", so I have a very similar clause in my /etc/postfix/sender-access
file. Again, it is after permit_mynetworks so it does not reject local clients.
Allen C
