From: brian (no email)
Date: Tue Jun 01 2004 - 01:06:49 EDT
Thanks Noel,
Is it a big prcedure to upgrade to the latest version of postfix???
-19991231-pl08
> On Tue, Jun 01, 2004 at 01:21:19AM +0100, Matt wrote:
> >
> > > maps_rbl_domains = rbl-plus.mail-abuse.org
> > > rbl_client sbl.spamhaus.org,
> > > rbl_client list.dsbl.org,
> > > rbl_client dnsbl.njabl.org,
> > > rbl_client relays.ordb.org,
> > > rbl_client opm.blitzed.org,
> > > rbl_client dnsbl.sorbs.net,
> >
> > These should be under either client, sender or recipient restrictions.
>
> Sorry Matt, we are talking about a Very Old version of postfix.
>
> For postfix 1.x it needs to look like:
> maps_rbl_domains =
> rbl-plus.mail-abuse.org,
> sbl.spamhaus.org,
> list.dsbl.org,
> dnsbl.njabl.org,
> relays.ordb.org,
> opm.blitzed.org,
> dnsbl.sorbs.net,
>
> Note the mail-abuse.org RBLs are no longer free. You must have a
> paid signed contract with them to access their lists.
> You may wish to use sbl-xbl.spamhaus.org rather than sbl.spamhaus.org,
> it contains additional blocked sites. Check the spamhaus web site for
> details.
>
> Note that postfix has changed A Great Deal since 1999, and the version
> you have is no longer supported.
> Seriously consider upgrading.
>
>
> >
> > > reject_invalid_hostname,
> > > reject_non_fqdn_hostname,
> > > reject_unknown_hostname,
> > > reject_non_fqdn_sender,
> > > reject_unknown_sender_domain,
> > > reject_non_fqdn_recipient,
> > > reject_unknown_recipient_domain,
> > > reject_unauth_pipelining,
> >
>
> The above reject_* restrictions must be under one of
> smtpd_{client,helo,sender,recipient}_checks. This is often referred
> to as "smtpd_mumble_restrictions" or "smtpd_*_restrictions" so we
> don't have to type out the whole list. In this case, it's probaby
> best to put these all under smtpd_recipient_restrictions.
>
> smtpd_recipient_restrictions =
> reject_invalid_hostname,
> reject_non_fqdn_hostname,
> reject_unknown_hostname,
> reject_non_fqdn_sender,
> reject_unknown_sender_domain,
> reject_non_fqdn_recipient,
> reject_unknown_recipient_domain,
> reject_unauth_pipelining,
> permit_mynetworks
> reject_unauth_destination
> ... local whitelists here ...
> ... local blacklists here ...
>
>
>
> > Get rid of the double line. You only need to specify
smtpd_client_restrictions
> > once.
> >
> > > smtpd_client_restrictions = permit_mynetworks,
> > > smtpd_client_restrictions = reject_maps_rbl, reject_unknown_client
> >
> >
>
> Yes. In the case of duplicated main.cf parameters, the last one is
> used. "postconf -n" will display the settings that postfix
> will actually use.
>
> smtpd_client_restrictions =
> permit_mynetworks,
> reject_maps_rbl,
> reject_unknown_client
>
> Note that "reject_unknown_client" will likely reject a lot of legit
> mail.
>
> Note that postfix has changed A Great Deal since 1999, and the version
> you have is no longer supported.
> Seriously consider upgrading.
>
>
> --
> Noel Jones
>
|
|
|