Wietse Venema via Postfix-users:
> Viktor Dukhovni via Postfix-users:
> > On Wed, Aug 09, 2023 at 06:48:11PM +0200, Steffen Nurpmeso via
> > Postfix-users wrote:
> >
> > > Yeah the wonderful suggestion of this super helpful list (thanks
> > > again!) for my setup (laptop postfix on "forbidden address" relays
> > > to in-VPN postfix which then sends out) was
> > >
> > > 192.0.2.1:submission inet n - n - - smtpd
> > > -o syslog_name=vpnsub
> > > -o smtpd_sasl_auth_enable=no
> > > -o
> > > smtpd_relay_restrictions=permit_mynetworks,reject_unauth_destination
> > > -o cleanup_service_name=vpnsub_cleanup
> > > vpnsub_cleanup unix n - n - 0 cleanup
> > > -o {header_checks=regexp:{{/^Received:/ IGNORE}}}
> >
> > I am not aware of any suport for such inline regexp tables. What
> > release of Postfix supports this?
>
> Postfix 3.7 introduced inline tables for regexp, pcre, and cidr
> tables. I used the regexp support to get better logging with ALPACA
> attacks (http://www.postfix.org/wip.html).
Well, the ALPACA attack was easy to detect because it sends HTTP
commands which Postfix smtpd_forbidden_commands already recognized.
The regexp pattern is for abuse thath isn't so well-behaved.
Wietse
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
