[bglug] Re: Re: Re: Sistemistica: Postfix in situazioni
particolari.
Manuel
manetta@mediacom.it
Ven 15 Apr 2005 16:27:24 CEST
paradox ha scritto:
> Ora viste le
> possibilità built-in che offre postfix (utilizzo l'ultima versione
> stabile 2.2.2) avevo pensato ad una cosa di questo tipo:
[cut]
io uso queste, e mi trovo abbastanza bene:
smtpd_helo_required = yes
strict_rfc821_envelopes = yes
disable_vrfy_command = yes
smtpd_client_restrictions =
smtpd_sender_restrictions =
smtpd_recipient_restrictions = check_sender_access
hash:/etc/postfix/access,
check_recipient_access hash:/etc/postfix/access,
check_client_access hash:/etc/postfix/access,
permit_mynetworks,
reject_unknown_recipient_domain,
reject_unknown_sender_domain,
reject_unauth_destination,
reject_unauth_pipelining,
reject_invalid_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_rhsbl_client blackhole.securitysage.com,
reject_rhsbl_sender blackhole.securitysage.com,
reject_rbl_client sbl-xbl.spamhaus.org,
reject_rbl_client list.dsbl.org,
reject_rbl_client bl.spamcop.net,
reject_rbl_client dnsbl.njabl.org,
reject_rbl_client korea.services.net,
reject_rbl_client l1.spews.dnsbl.sorbs.net,
reject_rbl_client dul.spews.dnsbl.sorbs.net,
reject_rbl_client dul.dnsbl.sorbs.net,
reject_rbl_client relays.ordb.org,
reject_rbl_client combined.njabl.org,
reject_rbl_client cbl.abuseat.org
che comunque, qualche problemino portano, visto che nel file access ho
dovuto mettere:
katamail.com OK
inwind.it OK
libero.it OK
lombardiacom.it OK
register.it OK
softcare.it OK
tiscali.it OK
tiscalinet.it OK
tin.it OK
virgilio.it OK
(più tanti altri meno noti)
> #per evitare open-relay
> relay_domains =
a parte che devi mettere
relay_domains = $mydestination
ma la direttiva più importante è
mynetworks = 127.0.0.0/8 , <tua classe ip>
Ciao
Manuel
Maggiori informazioni sulla lista
bglug