postfix-users October 2010 archive
Main Archive Page > Month Archives  > postfix-users archives
postfix-users: Re: rejecting clients greeting me with my own nam

Re: rejecting clients greeting me with my own name

From: Jeroen Geilman <jeroen_at_nospam>
Date: Mon Oct 04 2010 - 18:04:45 GMT

Please don't send these redundant messages. It's a good indication of
your general messaging skills.

On 10/04/2010 07:56 PM, martin f krafft wrote:
> also sprach Jeroen Geilman<> [2010.10.04.1822 +0200]:
>> Where, exactly ?
> The HELO greeting.
>> The real client IP ? That can't be trivially spoofed, and so would
>> actually BE your server.
> I have seen clients who apparently connect to my MX with the IP and
> then send the IP after HELO.

With YOUR IP ? That's highly unlikely, to the point of unbelievability.

>> Personally, I reject all EHLO it it's not FQDN, not a valid hostname,
>> or corresponds with my own identity.
> % swaks -h '' -t
> === Trying
> === Connected to
> <- 220-Are you naughty or nice ?
> <- 220 ESMTP Ready.
> -> EHLO
> <-
> []

I'm quite sure I didn't ask you to post this online.

> (same with [])

When I said that *I* use those rules, where did you get the notion it
has anything to do with any particular domain, or mail server ?

>> That pretty much accomplishes what you're talking about, without the
>> need for additional options.
> So you keep a file in /etc/postfix containing your own identity?
> That's redundant, isn't it? I can trivially do this with puppet, but
> I figure it would be something postfix could do too.

So you're too dumb to write a simple regex map, eh ?
I guess "puppet" would be the solution for you then.