|Main Archive Page > Month Archives > postfix-users archives|
Please don't send these redundant messages. It's a good indication of
your general messaging skills.
On 10/04/2010 07:56 PM, martin f krafft wrote:
> also sprach Jeroen Geilman<firstname.lastname@example.org> [2010.10.04.1822 +0200]:
>> Where, exactly ?
> The HELO greeting.
>> The real client IP ? That can't be trivially spoofed, and so would
>> actually BE your server.
> I have seen clients who apparently connect to my MX with the IP and
> then send the IP after HELO.
With YOUR IP ? That's highly unlikely, to the point of unbelievability.
>> Personally, I reject all EHLO it it's not FQDN, not a valid hostname,
>> or corresponds with my own identity.
> % swaks -h '22.214.171.124' -t email@example.com
> === Trying xs.adaptr.nl:25...
> === Connected to xs.adaptr.nl.
> <- 220-Are you naughty or nice ?
> <- 220 mail.adaptr.nl ESMTP Ready.
> -> EHLO 126.96.36.199
> <- 250-mail.adaptr.nl
I'm quite sure I didn't ask you to post this online.
> (same with [188.8.131.52])
When I said that *I* use those rules, where did you get the notion it
has anything to do with any particular domain, or mail server ?
>> That pretty much accomplishes what you're talking about, without the
>> need for additional options.
> So you keep a file in /etc/postfix containing your own identity?
> That's redundant, isn't it? I can trivially do this with puppet, but
> I figure it would be something postfix could do too.
So you're too dumb to write a simple regex map, eh ?
I guess "puppet" would be the solution for you then.