Loading ...
Sorry, an error occurred while loading the content.

SMTP permit or reject

Expand Messages
  • Sergio Ferreira
    EHLO List, I am finishing my SMTP setup restrictions and remains one question that I will explain following. When I set: SMTPD.... = reject_... reject_...
    Message 1 of 3 , Dec 1, 2005
    • 0 Attachment
      EHLO List,

      I am finishing my SMTP setup restrictions and remains one question that I
      will explain following.

      When I set:

      SMTPD.... =

      reject_...
      reject_...
      reject_...

      As I understood It is recommended to finish the sequence with "permit"
      option, right?

      Like this:

      reject_...
      reject_...
      reject_...
      permit

      So, When I permit:

      permit_...
      permit_...
      permit_...
      reject

      So far, seems to be fine for me, but when I mix the things how should I use
      "permit" and "reject" options?

      permit_...
      permit_...
      reject_...
      reject_...
      ?????

      Or:

      permit_...
      permit_...
      reject <----Here is my doubt!
      reject_...
      reject_...
      permit <----and here too!


      Thanks,

      Sergio
    • Noel Jones
      ... permit is the default action at the end of each smtpd_*_restrictions list. It s not necessary to put it there explicitly, but some people like to see it.
      Message 2 of 3 , Dec 1, 2005
      • 0 Attachment
        At 12:25 PM 12/1/2005, Sergio Ferreira wrote:
        >EHLO List,
        >
        >I am finishing my SMTP setup restrictions and remains
        >one question that I
        >will explain following.
        >
        >When I set:
        >
        >SMTPD.... =
        >
        >reject_...
        >reject_...
        >reject_...
        >
        >As I understood It is recommended to finish the
        >sequence with "permit"
        >option, right?

        permit is the default action at the end of each
        smtpd_*_restrictions list. It's not necessary to put
        it there explicitly, but some people like to see it.


        >So far, seems to be fine for me, but when I mix the
        >things how should I use
        >"permit" and "reject" options?

        Depends on what you want to do. The first rule to
        match something wins.


        --
        Noel Jones
      • mouss
        ... A final permit isn t required since that s the default. rules are applied in the order they are found. try writing your site policy in english (or native
        Message 3 of 3 , Dec 1, 2005
        • 0 Attachment
          Sergio Ferreira a écrit :
          > When I set:
          >
          > SMTPD.... =
          >
          > reject_...
          > reject_...
          > reject_...
          >
          > As I understood It is recommended to finish the sequence with "permit"
          > option, right?

          A final permit isn't required since that's the default.

          rules are applied in the order they are found. try writing your site
          policy in english (or native lang if you prefer, but writing'em in
          english will help if you need to discuss them). then implement these rules.

          Questions to ask yourself:
          - which clients are allowed to (freely) relay through your server?
          - do you want to enforce smtp auth for outbound mail?
          - do you want to restrict some outbound senders?
          - what level of hello filtering to implement?
          - what level of address requirements to impose?
          - which dnsbl's do you want to use?
          - do you want greylisting?
          ...
        Your message has been successfully submitted and would be delivered to recipients shortly.