#!/bin/sh
postconf -e "smtpd_helo_required = yes"
postconf -e "permit_mx_backup_networks = /etc/local-COMMON/postfix/mx_networks"
postconf -e "maps_rbl_domains = `cat /etc/local-COMMON/postfic/rbl_lookup_hosts"
postconf -e "smtpd_recipient_restrictions = reject_invalid_hostname,reject_non_fqdn_hostname,reject_non_fqdn_sender,reject_non_fqdn_recipient,reject_unknown_sender_domain,reject_unknown_recipient_domain,reject_unauth_pipelining,permit_mynetworks,permit_mx_backup,reject_unauth_destination,reject_maps_rbl,reject"

# The above is based on this:
#   http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt
# with the addition of MX backup networks and the PCRE stuff avoided
# (PCRE is optional on newest Debian packages)

# Here's a convenient overview of different blackholes:
#   http://rbls.org/