[Postfixbuch-users] Whitelist und smtpd_recipient_restrictions
Udo Neist
postfix at singollo.de
Mi Nov 17 13:24:43 CET 2004
Am Mittwoch November 17 2004 13:15 schrieb Ralf Hildebrandt:
> * Udo Neist <postfix at singollo.de>:
> > Am Mittwoch November 17 2004 12:23 schrieb Ralf Hildebrandt:
> > > > /var/log/mail:
> > > >
> > > > Nov 17 10:09:52 h8239 postfix/smtpd[19288]: starting TLS
> > > > engine Nov 17 10:10:02 h8239 postfix/smtpd[19288]: connect
> > > > from unknown[195.248.137.154]
> > > > Nov 17 10:10:02 h8239 postfix/smtpd[19288]: 49B847E8021:
> > > > client=unknown[195.248.137.154]
> > > > Nov 17 10:10:02 h8239 postfix/smtpd[19288]: 49B847E8021:
> > > > reject: RCPT from unknown[195.248.137.154]: 504 <MPL-05>:
> > > > Helo command rejected: need fully-qualified hostname;
> > > > from=<ct at exis-ag.de> to=<weinbauer at singollo.de> proto=ESMTP
> > > > helo=<MPL-05>
> > >
> > > Ja. MPL-05 ist kein FQDN.
> > > Deshalb weist reject_non_fqdn_hostname die Mail ab.
> >
> > reject_non_fqdn_hostname hatte ich erst jetzt eingefügt, war
> > eher reject_non_fqdn_sender.
>
> Nein.
>
> > 195.248.137.0/24 für alle Rechner oder eher 195.248.137.*? Ich
> > kenne ja nicht alle Rechner im dortigen Netz, die Mails
> > versenden dürfen. Die Rechner gehören einer Firma und die
> > besitzt mindestens 3 Domains.
>
> Nur der eine.
Dann hoffe ich mal, das die Umstellung auch Erfolg bringt. Zumindest
die Mails einiger Mailinglisten sind angekommen :)
Gruß
Udo
--
It is necessary to have purpose.
-- Alice #1, "I, Mudd", stardate 4513.3
D noanonymous
smtp_tls_CAfile = /etc/postfix/certs/singollo.pem
smtp_tls_cert_file = /etc/postfix/certs/singollo.pem
smtp_tls_cipherlist = HIGH:@STRENGTH
smtp_tls_key_file = /etc/postfix/certs/singollo.pem
smtp_tls_loglevel = 2
smtp_tls_note_starttls_offer = yes
smtp_tls_session_cache_timeout = 3600s
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name NO_SPAM_ALLOWED_HERE
smtpd_client_restrictions = permit_mynetworks,
reject_invalid_hostname
smtpd_delay_reject = yes
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks,
reject_non_fqdn_hostname
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated, reject_unauth_destination,
reject_non_fqdn_sender, reject_non_fqdn_recipient,
reject_rbl_client dul.dnsbl.sorbs.net, reject_rbl_client
ix.dnsbl.manitu.net, reject_rbl_client cbl.abuseat.org,
reject_rbl_client sbl.spamhaus.org, reject_rbl_client
list.dsbl.org, reject_rbl_client relays.ordb.org,
reject_rbl_client opm.blitzed.org, reject_rbl_client
ix.dnsbl.manitu.net
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_tls_CAfile = /etc/postfix/certs/singollo.pem
smtpd_tls_cert_file = /etc/postfix/certs/singollo.pem
smtpd_tls_key_file = /etc/postfix/certs/singollo.pem
smtpd_tls_loglevel = 2
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 450
virtual_alias_domains = serverkompetenz.net
virtual_a
Mehr Informationen über die Mailingliste Postfixbuch-users