Blocking emails that claim to come from our domain
Jon Leeman
technician at CENPAC.NET.NR
Wed Dec 7 16:59:00 GMT 2005
[ The following text is in the "ISO-8859-1" character set. ]
[ Your display is set for the "US-ASCII" character set. ]
[ Some characters may be displayed incorrectly. ]
I just tried,
smtpd_client_restrictions = permit_mynetworks, check_client_access
hash:/etc/postfix/mydomain_rules
smtpd_helo_restrictions = permit_mynetworks, check_helo_access
hash:/etc/postfix/mydomain_rules
(without the warn_if_reject)
and received this from the MX from outside the network,
220 nract1.cenpac.net.nr GATEWAY MX - We don't authorise this
mailserver for the transport of unsolicited and/or bulk email.
helo jon.cenpac.net.nr
250 nract1.cenpac.net.nr
mail from:postmaster at cenpac.net.nr
250 Ok
rcpt to:jleeman at cenpac.net.nr
554 <jon.cenpac.net.nr>: Helo command rejected: Rejected. You are not me
Erick Perez wrote:
> isnt this supposed to work?
>
> smtpd_client_restrictions = permit_mynetworks, check_client_access
> hash:/etc/postfix/mydomain_rules, warn_if_reject
> smtpd_helo_restrictions = permit_mynetworks, check_client_access
> hash:/etc/postfix/mydomain_rules, warn_if_reject
>
> however in the logs:
>
> Dec 7 11:19:14 mail postfix/smtpd[15886]: 5A89575854F: client=fpacifico.com
> [201.226.94.250]
> Dec 7 11:19:19 mail postfix/cleanup[15932]: 5A89575854F: hold: header
> Received: from erick (fpacifico.com [201.226.94.250])??by
> mail.flyairpanama.com (mail.flyairpanama.com) with SMTP id 5A89575854F??for
> <eaperezh at flyairpanama.com>; Wed, 7 Dec 2005 11:19:04 -0500 (EST) from
> fpacifico.com[201.226.94.250]; from=<eaperezh at flyairpanama.com> to=<
> eaperezh at flyairpanama.com> proto=SMTP helo=<erick>
> Dec 7 11:19:23 mail postfix/virtual[15909]: C157E758570: to=<
> eaperezh at flyairpanama.com>, relay=virtual, delay=19, status=sent (delivered
> to mailbox)
>
> my mydomain_rules:
> flyairpanama.com REJECT Rejected. You are not me.
>
>
>
>
> On 12/7/05, Glenn Steen <glenn.steen at gmail.com> wrote:
>
>>On 07/12/05, Erick Perez <eaperezh at gmail.com> wrote:
>>
>>>what about MS and postfix?
>>>where do i implement that?
>>>
>>
>>I'm at home on sick-leave (hopfully, just today....), so this is
>>entirely from memory (and that is a bit flaky at best:-)...
>>As said, I apply a restriktion on helo and on senders so this might
>>look something like (in main.cf "#" inserted to show where the lines
>>are (wrapping))
>>#
>>smtpd_helo_restrictions = permit_mynetworks, reject_invalid_hostname,
>>reject_non_fqdn_hostname, check_helo_access
>>hash:/path/to/access_map/file
>>#
>>smtpd_helo_restrictions = permit_mynetworks, check_sender_access
>>hash:/path/to/access_map/file
>>#
>>And in the map file, you have a line rejecting your own domain...
>>something like
>>yourdomain.tld REJECT You are not me...
>>
>>Then couple that with the recipient maps check (for valid recipients),
>>and then you can only receive mail from non-spoofing senders to valid
>>recipients (that part is described well in the MailScanner wiki). You
>>can, of course, couple these restrictions with any restrictions you
>>feel are necessary ("man 5 postconf" is a good place to see exactly
>>what settings you have available)
>>
>>.... Or did I missunderstand your question?
>>
>>--
>>-- Glenn
>>email: glenn < dot > steen < at > gmail < dot > com
>>work: glenn < dot > steen < at > ap1 < dot > se
>>
>>------------------------ MailScanner list ------------------------
>>To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
>>'leave mailscanner' in the body of the email.
>>Before posting, read the Wiki (http://wiki.mailscanner.info/) and
>>the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
>>
>>Support MailScanner development - buy the book off the website!
>>
>
>
>
>
> --
>
> -------------------------------------------
> Erick Perez
> Linux User 376588
> http://counter.li.org/ (Get counted!!!)
> Panama, Republic of Panama
>
> ------------------------ MailScanner list ------------------------
> To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
> 'leave mailscanner' in the body of the email.
> Before posting, read the Wiki (http://wiki.mailscanner.info/) and
> the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
>
> Support MailScanner development - buy the book off the website!
>
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
More information about the MailScanner
mailing list