search for: smtpd_sender_restrict

message sent from the sieve-vacation does not contain dkim signature how to configure sieve to send messages via smtp transport with signing?

...and there is probably more I could do, but this ROCKS!!! smtpd_delay_reject = yes smtpd_helo_required = yes smtpd_client_restrictions = permit_mynetworks,permit smtpd_helo_restrictions = permit_mynetworks, reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname, permit smtpd_sender_restrictions = permit_mynetworks, reject_non_fqdn_sender, reject_unknown_sender_domain, permit smtpd_recipient_restrictions = reject_non_fqdn_recipient, reject_unknown_recipient_domain, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination,...

...the helo check?? this is the relevant portion of main.cf <snip> smtpd_helo_required = yes smtpd_delay_reject = yes #added 20090410 strict_rfc821_envelopes = yes smtpd_helo_restrictions = permit_mynetworks, reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname, permit smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_sender, reject_unknown_client, reject_unauthenticated_sender_login_mismatch, permit smtpd_sender_login_maps = hash:/etc/postfix/smtpd_sender_login_map smtpd_client_restrictions = check_client_access hash:/etc...

...ion i have posted in that thread? > > for me that was a prerequisite before even consider put my first > mailserver setup on a public IP and that's enforced even on any > webserver here by shared database tables > Ups ... sorry, reject_authenticated_sender_login_mismatch from smtpd_sender_restrictions ofc. I was thinking about not accepting mails from users/ip witch don't do a least one pop3 or imap read before sending. -- Best regards, Adrian Minta

...x/access, reject_invalid_hostname, reject_unknown_recipient_domain, reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_client_restrictions = check_client_access hash:/etc/postfix/restricted_sender #smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/restricted_sender /etc/postfix/restricted_sender contains: testuser1 at mydomain.com REJECT I already try to use smtpd_client_restrictions and smtpd_sender_restrictions with no success, is there any other way to do it. Thanks. junji aisalen.wordpress.c...

...al school's mail server on CentOS 7, Postfix and Dovecot. We get quite a lot of spam, so I have the following sender restrictions in my /etc/postfix/main.cf: --8<------------------------------------------------------ # Restrictions SMTP smtpd_helo_restrictions = reject_unknown_helo_hostname smtpd_sender_restrictions = reject_unknown_sender_domain, check_sender_access hash:/etc/postfix/sender_access smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_rbl_client zen.spamhaus.org, reject_rhsbl_reverse_client dbl.spamhaus.org, reject_rhsbl_helo dbl.spamhaus.org, reje...

> Let's say we have dovecot + sieve plugin container. > Dovecot configured to use remote SMTP submission host to send messages: > submission_host = postfix.example.com:587 I reviewed my config to see how i did it. I think you are right and SASL isn't used here. I have dovecot and postfix on the same machine and in dovecot i set submission_host = localhost:25 Then in my

Hello to all members. I am using Dovecot for 5 years, but this is my first post here. I am aware of the various autoresponder scripts for vacation autoreplies (I am using Virtual Vacation 3.1 by Mischa Peters). I have an issue with auto-replies - it is vulnerable to spamming with forged email address. Forging can be prevented with several Postfix settings, which I did in the past - but was forced

...c/postfix/main.cf ----------------------------- ... smtpd_helo_required = yes smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, check_helo_access hash:/etc/postfix/helo_access reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname, reject_unknown_helo_hostname smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, check_sender_access hash:/etc/postfix/sender_access, reject_unknown_sender_domain, reject_unknown_reverse_client_hostname, reject_unknown_client_hostname smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated,...

...nknown_recipient_domain, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access hash:/etc/postfix/roleaccount_exceptions, reject_invalid_hostname, check_helo_access pcre:/etc/postfix/helo_checks, reject_rbl_client sbl-xbl.spamhaus.org, permit smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_sender smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous broken_sasl_auth_clients = yes tls_random_exchange_name = /var/spool/postfix/prng_exch smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth smt...

...200 -o smtp_send_xforward_command=yes 127.0.0.1:10025 inet n - - - - smtpd -o content_filter= -o local_recipient_maps= -o relay_recipient_maps= -o smtpd_restriction_classes= -o smtpd_client_restrictions= -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o mynetworks=127.0.0.0/8 -o strict_rfc821_envelopes=yes -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks -o smtpd_bind_address=127.0.0.1 Thanks

...nt cbl.abuseat.org, reject_rbl_client proxies.blackholes.wirehub.net, reject_rbl_client query.bondedsender.org permit smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unlisted_sender, permit smtpd_tls_auth_only = yes smtpd_tls_cert_file = /usr/local/etc/ssl/more/server.crt smtpd_tls_key_file = /usr/local/etc/ssl/more/server.key smtpd_tls_loglevel = 0...

...th_destination, reject_unauth_pipelining, reject_non_fqdn_recipient smtpd_relay_restrictions = smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot smtpd_sender_login_maps = mysql:/etc/postfix/mysql-virtual_sender_permissions.cf smtpd_sender_restrictions = permit_mynetworks, reject_sender_login_mismatch, permit_sasl_authenticated, reject_unknown_helo_hostname, reject_unknown_recipient_domain, reject_unknown_sender_domain smtpd_tls_cert_file = /etc/ssl/server/servername.pem smtpd_tls_key_file = $smtpd_tls_cert_file smtpd_tls_loglevel = 1 smtpd_t...

..., permit_sasl_authenticated, reject_unauth_destination, check_policy_service unix:private/policy-spf smtpd_reject_unlisted_sender = yes smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $mydomain smtpd_sasl_path = private/auth smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_pipelining, reject_unauth_destination smtpd_timeout = 30 smtpd_tls_cert_file = /etc/postfix/ssl/wildcard.domain.com.crt smtpd_tls_key_file = /etc/postfix/ssl/wildcard.domain.com.key smtpd_tls_security_level = may smtpd_tls_session_ca...

...permit smtpd_recipient_restrictions = reject_unauth_pipelining, permit_sasl_authenticated, permit_mynetworks, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot smtpd_sender_restrictions = permit_sasl_authenticated, reject_non_fqdn_sender, reject_unknown_sender_domain smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem smtpd_tls_auth_only = no smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key smtpd_tls_loglevel = 1 smtpd_tls_rece...

..._helo_required = yes smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,check_recipient_access mysql:/etc/postfix/mysql-recipient.cf,reject_unauth_destination,permit smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_security_options = noanonymous smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/mysql-sender.cf smtpd_tls_CAfile = /etc/postfix/ssl/smtpd.pem smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.pem smtpd_tls_key_file = /etc/postfix/ssl/smtpd.pem smtpd_tls_loglevel = 3 smtpd_tls_received_header = yes smtpd_tls_session_cache_timeout = 3600s...

...ynetworks = 138.195.32.0/23, 127.0.0.1 recipient_delimiter = + setgid_group = postdrop smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) smtpd_client_restrictions = permit_mynetworks, reject smtpd_helo_required = yes smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination smtpd_sender_restrictions = reject_unknown_sender_domain, permit virtual_alias_maps = ldap:ldapxforward,ldap:ldapforward,ldap:ldapvalias virtual_mailbox_domains = test.ecp.fr virtual_mailbox_maps = ldap:ldapcanonical virtual_transport = dovecot /etc/postfix/master.cf dovecot unix - n n - -...

...e-force/ I added the fail2ban rule and modified my postfix main.cf as follows: smtpd_client_connection_rate_limit = 3 smtpd_delay_reject = yes smtpd_helo_required = yes smtpd_helo_restrictions = permit_mynetworks, reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname, permit smtpd_sender_restrictions = permit_mynetworks, reject_non_fqdn_sender, reject_unknown_sender_domain, permit smtpd_recipient_restrictions = reject_unauth_pipelining, reject_non_fqdn_recipient, reject_unknown_recipient_domain, permit_mynetworks, reject_unauth_destination, check_sender_acc...

On 24.02.2015 20:29, Reindl Harald wrote: > > > don't allow senders which you would not receive mail for - period > Seems interesting, at least until the bots adapt to this. Any idea how could this be implemented ? -- Best regards, Adrian Minta

On Wed, Oct 8, 2008 at 7:36 PM, mouss <mouss at netoyen.net> wrote: > > an alternative is > > content_filter = > smtpd_sender_restrictions = > check_sender_access hash:/etc/postfix/sender_ok > check_sender_access pcre:/etc/postfix/filter > > == dsn_ok > <> OK > > == filter > /./ FILTER filter:[1.2.3.4]:10024 > > where "filter:[1.2.3...." is what you used to put i...