|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: address verification + fallback_relay
From: adi (adi
mdgr.padinet.com)
Date: Sun Apr 27 2003 - 11:47:38 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Sun, Apr 27, 2003 at 11:24:06AM -0400, Wietse Venema wrote:
> If your inbound mail server depends on fallbacks for sending bounces,
> then your achitecture defeats the sending of address probes.
Thanks to you and Victor for clarification.
Actually I would like to try to activate sender address verification
on outbound mail server :-) Even though we have a strict policy
regardless of spamming, there are always kind of junk messages
that would pass through our outbound smtp.
On a rather unrelated problem, seems that 'whitelisting'
recipient address verification to useless domain to verified
(i.e yahoogroups.com) is impossible without taking a risk
of being open relay. What I could do for now is simply reject
connection that come from other than mynetworks, i.e:
smtpd_client_restrictions =
permit_mynetworks
reject
smtpd_recipient_restrictions =
...
hash:$config_directory/dont_verified
reject_unverified_recipient
...
dont_verify:
yahoogroups.com OK
returns.groups.yahoo.com OK
list.cr.yp.to OK
securityfocus.com OK
php.net OK
perl.org OK
etc...
some of our users forwarded their email to other domains.
Regards,
P.Y. Adi Prasaja
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]