Wietse Venema via Postfix-users:
> Geert Hendrickx via Postfix-users:
> > On Tue, Jun 06, 2023 at 09:48:11 -0400, Wietse Venema via Postfix-users
> > wrote:
> > > * Optional: harden a Postfix SMTP server against remote SMTP
> > > clients that violate RFC 2920 (or 5321) command pipelining
> > > constraints. With "smtpd_forbid_unauth_pipelining = yes", the
> > > server disconnects a client immediately, after responding with
> > > "554 5.5.0 Error: SMTP protocol synchronization" and after
> > > logging "improper command pipelining" with the unexpected remote
> > > SMTP client input. This feature is disabled by default in Postfix
> > > 3.5-3.8 to avoid breaking home-grown utilities, but it is enabled
> > > by default in Postfix 3.9. A similar feature is enabled by
> > > default in the Exim SMTP server.
> >
> >
> > Hi
> >
> > What is the relation between new "smtpd_forbid_unauth_pipelining"
> > and existing "reject_unauth_pipelining" in smtpd_*_restrictions?
>
> smtpd_forbid_unauth_pipelining disconnects the client, and is enabled
> by default in Postfix >= 3.9.
It is like smtpd_forbidden_commands, which disconnects a client,
and is enabled by default since Postfix. 2.2 (released in 2005).
Wietse
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
