Dnia 28.02.2023 o godz. 10:03:23 Alberto pisze: > > I see that almost all attacks do not have a valid FQDN, so I have set the > "reject_non_fqdn_helo_hostname" directive in "smtpd_helo_restrictions" > directive, which I see is in a previous phase, to reject it beforehand. > > However, it has no effect. The attacks continue to occur in the same way, > and are rejected at the same point. > > > > Can you explain to me, why this happens?
Because the default setting in Postfix is smtpd_delay_reject=yes . That means that all restrictions are evaluated at RCPT TO stage, so you cannot cause a reject earlier. You have to set this parametr to "no" in order to reject at HELO stage. However take into account what is written in the documentation: "This feature is turned on by default because some clients apparently mis-behave when the Postfix SMTP server rejects commands before RCPT TO. The default setting has one major benefit: it allows Postfix to log recipient address information when rejecting a client name/address or sender address, so that it is possible to find out whose mail is being rejected." -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub."
