|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Blocking mail from=<>
From: Allen (postfix
rfnj.org)
Date: Sun Feb 27 2005 - 02:19:24 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
At 02:46 2/27/2005, Robin Lynn Frank wrote:
>Cami wrote:
>>Robin Lynn Frank wrote:
>>
>>>According to rfc-ignorant.org "For example, let's say the domain in
>>>question is "example.tld", and an MX query for "example.tld" returns two
>>>mail servers, "mx1.example.tld" and "backup-mx.example.tld". If you
>>>connect to either of those MXes and mail FROM "<>" and TO an address in
>>>the example.tld domain is rejected (unless it is clear it is being
>>>rejected because the target address doesn't actually exist), then
>>>example.tld could be listed."
>>
>>When you say 'rejected', do you mean hard failures (5xx) or does that
>>include temp failures (4xx) aswell? (think about what happens when
>>recipient validation fails for whatever reason or certain transport
>>maps become unavailable).
>>Cami
>I'm quoting the dns zone listing criteria on www.rfc-ignorant.org. IIRC,
>they do not list 4nn failures unless they continue more than 5 days.
Thank god (or Weitse) for the following wonderful method of dealing with
such issues.
1. smtpd_sender_restrictions = ... check_sender_access ...
2. The DISCARD directive for the above stated table.
You'll have to explicitly allow mail from "<>" to postmaster in order to
avoid violating another RFC however.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]