From a2b5a3a4df7b3b1e72f1e8dbf28f980ea47a18a9 Mon Sep 17 00:00:00 2001
From: Michael Scherer <misc@mageia.org>
Date: Fri, 19 Nov 2010 20:18:57 +0000
Subject: - merge luca berra proposal

---
 modules/postfix/templates/main.cf | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)

diff --git a/modules/postfix/templates/main.cf b/modules/postfix/templates/main.cf
index 6cb9c93f..d4d8eeb9 100644
--- a/modules/postfix/templates/main.cf
+++ b/modules/postfix/templates/main.cf
@@ -42,10 +42,12 @@ relay_domains = $mydestination,
                 <%= domain %>
 <%- end -%>
 transport_maps = regexp:/etc/postfix/transport_regexp
+
 <% if classes.include?('sympa') %>
 sympa_destination_recipient_limit = 1
 sympabounce_destination_recipient_limit = 1
 <% end %>
+
 #delay_warning_time = 4h
 smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) (Mandriva Linux)
 unknown_local_recipient_reject_code = 450
@@ -57,17 +59,21 @@ smtpd_tls_key_file = /etc/pki/tls/private/postfix.pem
 smtpd_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
 
 <% if classes.include?('postfix::smtp_server') %>
+smtpd_etrn_restrictions = reject
+
+smtpd_helo_required = yes
+
+smtpd_data_restrictions = reject_unauth_pipelining 
+                          reject_multi_recipient_bounce
+
 smtpd_recipient_restrictions =
 #    not done yet
 #    permit_sasl_authenticated
-    permit_mynetworks
-    reject_unauth_destination
-    reject_unauth_pipelining
     reject_non_fqdn_recipient
     reject_non_fqdn_sender
-    reject_non_fqdn_hostname
-    reject_invalid_hostname
-    reject_unknown_recipient_domain
+    permit_mynetworks
+    reject_unauth_destination
+    reject_non_fqdn_helo_hostname
     reject_unknown_sender_domain
     reject_unknown_client
   <% if classes.include?('postgrey') %>
-- 
cgit v1.2.1