configure postfix to do reverse dns and do not accept mail if revers dns fails

Craig White craigwhite at azapple.com
Wed Aug 17 11:19:17 MST 2005


On Wed, 2005-08-17 at 10:25 -0700, Jim B wrote:
> How can postfix be configured so that postfix will do a reverse dns on
> incoming mail and if it fails then the mail will not be accepted or
> will be discarded?
----
fwiw - a long discussion of postfix several months back resorted to my
putting this into postfix/main.cf - it has worked well...YMMV

### New rules gleaned from the following URL
# http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt

smtpd_helo_required = yes
disable_vrfy_command = yes

smtpd_recipient_restrictions =
    permit_mynetworks,
    reject_invalid_hostname,
    reject_non_fqdn_hostname,
    reject_non_fqdn_sender,
    reject_non_fqdn_recipient,
    reject_unknown_sender_domain,
    reject_unknown_recipient_domain,
    reject_unauth_destination,
    check_helo_access hash:/etc/postfix/helo_checks,
    check_sender_access hash:/etc/postfix/sender_checks,
    check_client_access hash:/etc/postfix/client_checks,
    reject_rbl_client relays.ordb.org,
    reject_rbl_client opm.blitzed.org,
    reject_rbl_client list.dsbl.org,
    reject_rbl_client sbl.spamhaus.org,
    reject_rbl_client cbl.abuseat.org,
    reject_rbl_client dul.dnsbl.sorbs.net,
    permit

smtpd_data_restrictions =
    reject_unauth_pipelining,
    permit

Craig



More information about the PLUG-discuss mailing list