Loading ...
Sorry, an error occurred while loading the content.

265218Retriction order - a little advice please

Expand Messages
  • Paul Hutchings
    May 1, 2010
      Just doing a bit of a sanity check/tidy-up on my Postfix box, I've not
      had to go near it for ages as it all just works, but I'm checking a few
      other things and I'm slowly reminding myself of various Postfix related
      things.

      These are my current restrictions, I think the map names are indicative
      of what they do. I'd appreciate any tips on streamlining/optimizing
      these - for example I know the DKIM one is where it is because it has to
      kick in before "permit_mynetworks" so it triggers even if it's spam and
      the mail is then rejected by a further check such as SPF.

      The box is an internet facing relay.

      smtpd_recipient_restrictions =
      check_recipient_maps,
      check_client_access hash:/etc/postfix/client_blacklist,
      check_sender_access hash:/etc/postfix/sender_blacklist,
      # Call dkim proxy to sign mail from @ourdomain
      check_sender_access hash:/etc/postfix/dkim_sign
      permit_mynetworks,
      reject_unauth_destination,
      check_client_access hash:/etc/postfix/client_whitelist,
      check_sender_access hash:/etc/postfix/sender_whitelist,
      check_sender_access hash:/etc/postfix/trusted_domains,
      check_helo_access regexp:/etc/postfix/helo_checks.regexp,
      reject_invalid_helo_hostname,
      reject_non_fqdn_helo_hostname,
      reject_non_fqdn_sender,
      reject_non_fqdn_recipient,
      reject_unknown_sender_domain,
      reject_unauth_pipelining,
      reject_rbl_client zen.spamhaus.org,
      reject_rhsbl_client multi.uribl.com,
      reject_rhsbl_sender multi.uribl.com,
      reject_rhsbl_sender multi.surbl.org,
      reject_rhsbl_client multi.surbl.org,
      check_policy_service unix:private/spf,
      check_client_access regexp:/etc/postfix/greylist_dyn_fqdn.regexp,
      check_client_access regexp:/etc/postfix/greylist_hosts.regexp,
      permit

      Thanks,
      Paul

      --
      MIRA Ltd

      Watling Street, Nuneaton, Warwickshire, CV10 0TU, England.

      Registered in England and Wales No. 402570
      VAT Registration GB 114 5409 96

      The contents of this e-mail are confidential and are solely for the use of the intended recipient.
      If you receive this e-mail in error, please delete it and notify us either by e-mail, telephone or fax.
      You should not copy, forward or otherwise disclose the content of the e-mail as this is prohibited.
    • Show all 2 messages in this topic