diff options
Diffstat (limited to 'zarb-ml/mageia-sysadm/2010-November/000667.html')
| -rw-r--r-- | zarb-ml/mageia-sysadm/2010-November/000667.html | 115 |
1 files changed, 115 insertions, 0 deletions
diff --git a/zarb-ml/mageia-sysadm/2010-November/000667.html b/zarb-ml/mageia-sysadm/2010-November/000667.html new file mode 100644 index 000000000..2536f03b3 --- /dev/null +++ b/zarb-ml/mageia-sysadm/2010-November/000667.html @@ -0,0 +1,115 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> + <HEAD> + <TITLE> [Mageia-sysadm] [294] - start to merge simple relay, and add some basic antispam filtering + </TITLE> + <LINK REL="Index" HREF="index.html" > + <LINK REL="made" HREF="mailto:mageia-sysadm%40mageia.org?Subject=Re%3A%20%5BMageia-sysadm%5D%20%5B294%5D%20-%20start%20to%20merge%20simple%20relay%2C%0A%20and%20add%20some%20basic%20antispam%20filtering&In-Reply-To=%3C1290177399.2803.46.camel%40akroma.ephaone.org%3E"> + <META NAME="robots" CONTENT="index,nofollow"> + <META http-equiv="Content-Type" content="text/html; charset=us-ascii"> + <LINK REL="Previous" HREF="000665.html"> + <LINK REL="Next" HREF="000635.html"> + </HEAD> + <BODY BGCOLOR="#ffffff"> + <H1>[Mageia-sysadm] [294] - start to merge simple relay, and add some basic antispam filtering</H1> + <B>Michael Scherer</B> + <A HREF="mailto:mageia-sysadm%40mageia.org?Subject=Re%3A%20%5BMageia-sysadm%5D%20%5B294%5D%20-%20start%20to%20merge%20simple%20relay%2C%0A%20and%20add%20some%20basic%20antispam%20filtering&In-Reply-To=%3C1290177399.2803.46.camel%40akroma.ephaone.org%3E" + TITLE="[Mageia-sysadm] [294] - start to merge simple relay, and add some basic antispam filtering">misc at zarb.org + </A><BR> + <I>Fri Nov 19 15:36:39 CET 2010</I> + <P><UL> + <LI>Previous message: <A HREF="000665.html">[Mageia-sysadm] [294] - start to merge simple relay, and add some basic antispam filtering +</A></li> + <LI>Next message: <A HREF="000635.html">[Mageia-sysadm] [295] Add 30-site.conf ( WIP ) +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#667">[ date ]</a> + <a href="thread.html#667">[ thread ]</a> + <a href="subject.html#667">[ subject ]</a> + <a href="author.html#667">[ author ]</a> + </LI> + </UL> + <HR> +<!--beginarticle--> +<PRE>Le vendredi 19 novembre 2010 à 08:35 +0100, Luca Berra a écrit : +><i> On Thu, Nov 18, 2010 at 11:34:59PM +0100, <A HREF="https://www.mageia.org/mailman/listinfo/mageia-sysadm">root at mageia.org</A> wrote: +</I>><i> >+<% if classes.include?('postfix::simple_relay') %> +</I>><i> > inet_interfaces = localhost +</I>><i> >+<% else %> +</I>><i> >+inet_interfaces = all +</I>><i> >+<% end %> +</I>><i> >+ +</I>><i> >+<% if classes.include?('postfix::smtp_server') %> +</I>><i> you can safely add: +</I>><i> smtpd_etrn_restrictions = reject +</I>><i> you should add: +</I>><i> smtpd_helo_required = yes +</I>><i> if you do checks based on helo here +</I> +I will merge your proposals, I just need to be more familiar with what +they mean ( in case later some issue arise ). And i also likely need to +update zarb and others servers too :) + +><i> >+smtpd_recipient_restrictions = +</I>><i> >+# not done yet +</I>><i> >+# permit_sasl_authenticated +</I>><i> +</I>><i> you should add +</I>><i> reject_sender_login_mismatch +</I>><i> and configure something like: +</I>><i> smtpd_sender_login_maps = +</I>><i> proxy:ldap:/etc/postfix/smtpd_sender_login_maps.cf +</I>><i> server_host = <A HREF="ldaps://">ldaps://</A> +</I>><i> version = 3 +</I>><i> search_base = dc=mageia,dc=org +</I>><i> query_filter = (|(mail=%s)(mailLocalAddress=%s)) +</I>><i> # use this with groupOfNames to allow people to send on behalf of an +</I>><i> # alias (eg postmaster, abuse, etc) +</I>><i> #special_result_attribute = owner +</I>><i> result_attribute = uid +</I> +Well, that's disabled because we are not sure we should offer it ( I +took the config from zarb.org ). + + +><i> >+ reject_non_fqdn_hostname +</I>><i> Note1: this restriction has been renamed in +</I>><i> reject_non_fqdn_helo_hostname +</I> +><i> Note2: i reckon it as a bad idea, there are too many people unable to +</I>><i> properly configure their mta to send an fqdn helo +</I> +That's what we use at zarb, so far no one complained ( obviously, maybe +that's because we reject their mail ... ) + +><i> i also have a number of possible additions, should i send those in? +</I> +Yup, why not, I will integrate them later. +-- +Michael Scherer + +</PRE> + + + + +<!--endarticle--> + <HR> + <P><UL> + <!--threads--> + <LI>Previous message: <A HREF="000665.html">[Mageia-sysadm] [294] - start to merge simple relay, and add some basic antispam filtering +</A></li> + <LI>Next message: <A HREF="000635.html">[Mageia-sysadm] [295] Add 30-site.conf ( WIP ) +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#667">[ date ]</a> + <a href="thread.html#667">[ thread ]</a> + <a href="subject.html#667">[ subject ]</a> + <a href="author.html#667">[ author ]</a> + </LI> + </UL> + +<hr> +<a href="https://www.mageia.org/mailman/listinfo/mageia-sysadm">More information about the Mageia-sysadm +mailing list</a><br> +</body></html> |