summaryrefslogtreecommitdiffstats
path: root/roles/MX
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@fripost.org>2014-07-10 01:21:34 +0200
committerGuilhem Moulin <guilhem@fripost.org>2015-06-07 02:52:55 +0200
commit199a909669e821c05d85172b4645e0c46dc1cff4 (patch)
treec4dfa560070c322e566640fd57285af8daec2da8 /roles/MX
parentee046343f3bbb43dc48a8ad72b5cb16dc0a24ee6 (diff)
Fix $smtpd_sender_restrictions.
On the MDA the domain is our 'mda.fripost.org', there is no need to perform an extra DNS lookup. The MSA does not perform local or virtual delivery, but relays everything to the outgoing SMTP proxy. On the MX, there is no need to check for recipient validity as we are the final destination; but unsure that the RCPT TO address is a valid recipient before doing the greylisting.
Diffstat (limited to 'roles/MX')
-rw-r--r--roles/MX/templates/etc/postfix/main.cf.j22
1 files changed, 1 insertions, 1 deletions
diff --git a/roles/MX/templates/etc/postfix/main.cf.j2 b/roles/MX/templates/etc/postfix/main.cf.j2
index 22b68f3..b1d28f9 100644
--- a/roles/MX/templates/etc/postfix/main.cf.j2
+++ b/roles/MX/templates/etc/postfix/main.cf.j2
@@ -143,9 +143,9 @@ smtpd_sender_restrictions =
smtpd_recipient_restrictions =
# RFC requirements
reject_non_fqdn_recipient
- reject_unknown_recipient_domain
permit_mynetworks
reject_unauth_destination
+ reject_unlisted_recipient
check_policy_service unix:private/postgrey
smtpd_data_restrictions =