Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Dave McGuire (mcguireneurotica.com)
Date: Tue Jul 24 2007 - 02:18:53 CDT
On Jul 23, 2007, at 6:09 PM, Magnus Bäck wrote:
>> Thank you for responding so quickly! I've set up sender address
>> verification in the standard way:
>> smtpd_sender_restrictions = hash:/etc/postfix/sender_access,
>> ...with "<domainname> reject_unverified_sender" lines in /etc/
>> postfix/sender_access. I've thought about this a bit more...if my
>> understanding is correct, it should be enough to simply add "<sender
>> address> OK" lines to the sender_access file. Does that sound like
>> a reasonable approach?
> Yes, but less reasonable than using a correct sender address in the
> first place. I don't understand why you have SAV enabled for your own
> domain in the first place. SAV is typically used on foreign domains.
If this is true, then someone might want to change:
...where it clearly states:
"NOTE: One of the first things you might want to do is to turn on
sender address verification for all your own domains."
>> I'd like to not have the sending machine (a webserver in this
>> answer on port 25, which would seem to be a requirement for the use
>> of proper (verifiable) sender addresses.
> Not at all. You can specify any sender address you want. That's
> completely up to the sending application, and if you can't teach the
> application to use a sane address you could use generic rewriting
> on the webserver Postfix to rewrite the bad address into a good one.
Of course. The address, however, isn't "bad"...it's just one that
cannot (and should not) *receive* messages. This is nothing new.
Port Charlotte, FL