|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: mouss (mlist.only
free.fr)
Date: Tue Mar 06 2007 - 16:27:34 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Oliver Gros wrote:
> Hi
>
>
>
> As it looks like this configuration (postconf -n) allows relaying from the
> outside, as long as the outside sender uses an internal domain (see
> "relay_domains") e.g someuserdomain8.com.
>
show a log of that.
> [snip]
> local_recipient_maps =
>
This disables recipient validation and may lead to backscatter (except
if you have a catchall address). see the BACKSCATTER README.
> [snip]
>
> mynetworks_style = subnet
>
don't use this. set mynetworks explictly. if in doubt, use
mynetworks=127.0.0.1.
> [snip]
>
> relay_domains =
> domain1.net,domain2.org,domain4,biz,domain5.us,domain6.info,domain7.net,doma
> in8.com
>
>
I see no relay_recipient_maps... risk of backscatter again.
> [snip]
>
> smtpd_recipient_restrictions = reject_unauth_destination
>
this blocks relay. so you should be safe unless you list the whole
universe (or part of it) in mydestination, relay_domains, ... )
> reject_unknown_recipient_domain reject_unverified_recipient
> reject_rbl_client list.dsbl.org reject_rbl_client sbl-xbl.spamhaus.org
> reject_rbl_client dul.dnsbl.sorbs.net permit_mynetworks
>
>
permit_mynetwork is useless here, since the default action is permit.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]