Loading ...
Sorry, an error occurred while loading the content.

Re: explicit_OK

Expand Messages
  • mouss
    ... this is at least controversial: - for inbound mail, why would you want it to fail if your DNS has problems - for outbound mail, why would you reject
    Message 1 of 4 , Oct 4, 2006
    • 0 Attachment
      Petre Bandac wrote:
      > [snip]
      >
      > smtpd_recipient_restrictions =
      > reject_non_fqdn_recipient,
      > reject_unknown_sender_domain,
      > reject_unknown_recipient_domain,
      >
      this is at least controversial:

      - for inbound mail, why would you want it to fail if your DNS has problems
      - for outbound mail, why would you reject instead of queue then bounce.
      otherwise, transient dns problems get back to your users, most of which
      won't understand what that means (besides, you already seen how errors
      are reported by MUAs....).

      > permit_sasl_authenticated,
      > permit_mynetworks,
      > reject_unauth_destination,
      > check_client_access hash:/etc/postfix/spammers-accepted,
      > reject_unauth_pipelining,
      >

      This is useless in the default config (delay reject set to yes).

      > reject_invalid_hostname,
      > reject_rbl_client ix.dnsbl.manitu.net reject_rbl_client
      > cbl.abuseat.org

      cbl is included in xbl. you can save a lookup if you so desire.

      > reject_rbl_client sbl-xbl.spamhaus.org
      > reject_rbl_client list.dsbl.org reject_rbl_client
      > relays.ordb.org reject_rbl_client opm.blitzed.org
      >

      opm is dead, and when it was alive, it was included in xbl.
      > reject_rbl_client dul.dnsbl.sorbs.net reject_rbl_client
      > sbl.spamhaus.org
      sbl is included in sbl-xbl. They are also served by the same
      organization, so there is really no point in doing a double query.
      > reject_rhsbl_sender dsn.rfc-ignorant.org
      > permit_mx_backup,
      > reject
      >
      >

      remove permit_mx_backup,reject. This is useless. you already have
      reject_unauth_destination before.
      > ##
      > more /etc/postfix/spammers-accepted
      > 212.158.129.228 OK
      > ##
      >
      > don't forget to postmap the hash file and reload postfix
      >

      with IPs, better use cidr.
    Your message has been successfully submitted and would be delivered to recipients shortly.