From 3513ee9c4019d72406baf015f0d7e42d3e6e1fc3 Mon Sep 17 00:00:00 2001 From: Jonas Smedegaard Date: Thu, 23 Aug 2007 15:25:35 +0000 Subject: Verify senders also of peer domains (sender and recipient verification should work cncurrently - the problem was verifying the verification probe address). --- postfix/postfix.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'postfix') diff --git a/postfix/postfix.sh b/postfix/postfix.sh index 9a90be2..cfbaa54 100755 --- a/postfix/postfix.sh +++ b/postfix/postfix.sh @@ -3,7 +3,7 @@ # /etc/local-COMMON/postfix/postfix.sh # Copyright 2002-2007 Jonas Smedegaard # -# $Id: postfix.sh,v 1.55 2007-08-23 15:13:29 jonas Exp $ +# $Id: postfix.sh,v 1.56 2007-08-23 15:25:35 jonas Exp $ # # Auto-tweak plain installed postfix Debian package # @@ -136,12 +136,12 @@ $postconf -e "`getlinesfromfile smtpd_sender_restrictions reject_rhsbl_sender`" $postconf -e "`getlinesfromfile smtpd_recipient_restrictions reject_maps_rbl=reject_rbl_client=maps_rbl_domains`" $postconf -e "`getlinesfromfile smtpd_data_restrictions`" -# Verify senders of own and suspect domains +# Verify senders of common suspicious and known verifiable domains # (exclude verification of postmaster@ to not verify verification probes) -# (avoid verifying senders of peer domains to not clash with their recipient verification) # FIXME: somehow do this step only if enabled in smtpd_sender_restrictions cat /etc/local-COMMON/postfix/maildomains | sort | sed 's/$/ reject_unverified_sender/' > "$confdir/sender_access" -catfilefromownrealm maildomains | sort | sed 's/\(.*\)$/postmaster@\1 permit\n\1 reject_unverified_sender/' >> "$confdir/sender_access" +( catfilefromownrealm maildomains; catallfilesfromotherrealms maildomains ) \ + | sort | sed 's/\(.*\)$/postmaster@\1 permit\n\1 reject_unverified_sender/' >> "$confdir/sender_access" postmap "$confdir/sender_access" $postconf -e "unverified_sender_reject_code = 550" -- cgit v1.2.3