|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: reject_unknown_client exept if HELO hostname matches client
From: Jim Seymour (jseymour
LinxNet.com)
Date: Sat Aug 02 2003 - 11:59:45 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
"Bastiaan Welmers" <bastiaan-postfix-userswelmers.net> wrote:
>
[snip]
>
> Is there a way to configure Postfix so it will
>
> - Check if the client has a hostname
> - If not, check if the HELO hostname corresponds with the client, and if,
> don't reject
> - If both not, reject
Not really. You could snag the latest snapshot and do it with the
smtpd-policy service. I've been playing with that.
I was considering doing something like:
Check if envelope sender correlates to client or client MX
Check if HELO correlates to client or client MX
Maybe some other heuristics (blocklist checks, SPF...)
If all the tests fail: reject. If any of them fail: greylist. If all
of them pass: dunno.
Note that there are "issues" with all this. Senders/clients in dynamic
IP space that are otherwise legitimate, forwarded email--where the
envelope sender may well not correlate with the client, etc. (It's
enough to give one a migraine.)
Unfortunately, I've temporarily suspended my experiments in this area
as I've other pressing matters at this time.
You can look at http://jimsun.linxnet.com/misc/hacked_smtpd-policy.txt
for ideas.
--
Jim Seymour | PGP Public Key available at:
jseymourLinxNet.com | http://www.uk.pgp.net/pgpnet/pks-commands.html
http://jimsun.LinxNet.com |
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]