smtpd_sender_restrictions vs smtpd_recipient_restrictions vs smtpd_client_restriction
I want to reject mail from spam sources aimed to my domains (local delivery) specified in:
If any of the users in example2.com and/or example3.net want to use Postfix to relay mail (eg: to hotmail or yahoo mail)will have to authenticate first (SASL), if authentication is successful they are granted permission to relay mail.
Now, as I said first I want to reject mail aimed to example2.com and/or example3.net from spam sources.(I know there could be other methods, but this thread is about smtpd_sender_restrictions vs smtpd_recipient_restrictions vs smtpd_client_restriction).
I seen some settings that indicate setting smtpd_recipient_restrictions to block spam sources (http://www.howtoforge.com/block_spam..._level_postfix):
smtpd_sender_restrictions, as stated in Postfix website, filters mails based on the MAIL FROM command; This command is easy faked by telneting an open relay and typing in this command, therefore mail cound be sent with a valid MAIL FROM address, for this reason smtpd_sender_restrictions does not seem to be my solution.
The only option left in my hypothesis is to use smtpd_client_restrictions, which for my understanding checks the hostname or IP address of the smtpd client (the other MTA/SMTP connecting to my local smtpd(Postfix) ) in a black list, if listed mail is denied.
Am I correct here ?
Yes sir. You are correct. Take a look on this page: http://www.postfix.org/SMTPD_ACCESS_README.html
It explains all the smtpd access control types and why people tend to ignore all of them and use smtpd_recipient_restrictions only. Also possible problems you get by doing this.
|All times are GMT +2. The time now is 02:04.|
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.