commit c3f15a5494c0539eabc6b1a16f7fd9de03bce02d Author: Nicolas Chauvet <kwizart(a)gmail.com&gt; Date: Thu Aug 24 17:19:13 2017 +0200 Hardening sender and recipient restrictions .../main.cf/main.cf.hv01.online.rpmfusion.net | 15 +++++++++++---- 1 files changed, 11 insertions(+), 4 deletions(-) --- diff --git a/roles/base/files/postfix/main.cf/main.cf.hv01.online.rpmfusion.net b/roles/base/files/postfix/main.cf/main.cf.hv01.online.rpmfusion.net index a4bc364..f38ca7d 100644 --- a/roles/base/files/postfix/main.cf/main.cf.hv01.online.rpmfusion.net +++ b/roles/base/files/postfix/main.cf/main.cf.hv01.online.rpmfusion.net @@ -718,12 +718,19 @@ smtpd_helo_restrictions = permit smtpd_sender_restrictions = - permit_mynetworks, - reject_unknown_sender_domain, + permit_mynetworks, + reject_non_fqdn_sender, + reject_unknown_sender_domain, + permit smtpd_recipient_restrictions = - permit_mynetworks, - reject_unauth_destination, + reject_unauth_pipelining, + reject_non_fqdn_recipient, + reject_unknown_recipient_domain, + permit_mynetworks, + reject_unauth_destination, + check_sender_access + hash:/etc/postfix/sender_access, # check_policy_service unix:postgrey/socket, body_checks = regexp:/etc/postfix/body_checks