|Main Archive Page > Month Archives > postfix-users archives|
On 10/04/2010 05:49 PM, martin f krafft wrote:
> also sprach Noel Jones<firstname.lastname@example.org> [2010.10.04.0507 +0200]:
>> Lots easier to just use
>> /^myhostname(\.mydomain)?$/ REJECT don't use my hostname
> Thanks to everyone who responded. I am now going the suggested way.
> However, it occurs to me that this is something postfix could be
> trivially doing itself, e.g.
> smtpd_helo_restrictions =
Where, exactly ?
The real client IP ? That can't be trivially spoofed, and so would
actually BE your server.
As for EHLO, IP literals aren't accepted as a matter of course - not in
this day and age.
Personally, I reject all EHLO it it's not FQDN, not a valid hostname, or
corresponds with my own identity.
That pretty much accomplishes what you're talking about, without the
need for additional options.