summaryrefslogtreecommitdiffstats
path: root/roles/MX/files/etc/postfix
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@fripost.org>2018-04-04 16:20:03 +0200
committerGuilhem Moulin <guilhem@fripost.org>2018-06-09 00:29:09 +0200
commit4a841439606768e8b8783f4a1bd32096a7bbcd9c (patch)
tree4f193ca90e8446daf8ff2a9a5402b4c17535bcf5 /roles/MX/files/etc/postfix
parent3e41d6be4551f9f5b995e892d0103112a47df86c (diff)
Harden anti spam on the MX:es.
Diffstat (limited to 'roles/MX/files/etc/postfix')
-rw-r--r--roles/MX/files/etc/postfix/reject-unknown-client-hostname.cf10
1 files changed, 10 insertions, 0 deletions
diff --git a/roles/MX/files/etc/postfix/reject-unknown-client-hostname.cf b/roles/MX/files/etc/postfix/reject-unknown-client-hostname.cf
new file mode 100644
index 0000000..6969f75
--- /dev/null
+++ b/roles/MX/files/etc/postfix/reject-unknown-client-hostname.cf
@@ -0,0 +1,10 @@
+server_host = ldapi://%2Fvar%2Fspool%2Fpostfix-mx%2Fprivate%2Fldapi/
+version = 3
+search_base = fvd=%d,ou=virtual,dc=fripost,dc=org
+domain = static:all
+scope = one
+bind = sasl
+sasl_mechs = EXTERNAL
+query_filter = (&(objectClass=FripostVirtualList)(!(objectClass=FripostPendingEntry))(fvl=%u)(fripostIsStatusActive=TRUE))
+result_attribute = fvl
+result_format = reject_unknown_client_hostname