commit c3f15a5494c0539eabc6b1a16f7fd9de03bce02d
Author: Nicolas Chauvet <kwizart(a)gmail.com>
Date: Thu Aug 24 17:19:13 2017 +0200
Hardening sender and recipient restrictions
.../main.cf/main.cf.hv01.online.rpmfusion.net | 15 +++++++++++----
1 files changed, 11 insertions(+), 4 deletions(-)
---
diff --git
a/roles/base/files/postfix/main.cf/main.cf.hv01.online.rpmfusion.net
b/roles/base/files/postfix/main.cf/main.cf.hv01.online.rpmfusion.net
index a4bc364..f38ca7d 100644
---
a/roles/base/files/postfix/main.cf/main.cf.hv01.online.rpmfusion.net
+++
b/roles/base/files/postfix/main.cf/main.cf.hv01.online.rpmfusion.net
@@ -718,12 +718,19 @@ smtpd_helo_restrictions =
permit
smtpd_sender_restrictions =
- permit_mynetworks,
- reject_unknown_sender_domain,
+ permit_mynetworks,
+ reject_non_fqdn_sender,
+ reject_unknown_sender_domain,
+ permit
smtpd_recipient_restrictions =
- permit_mynetworks,
- reject_unauth_destination,
+ reject_unauth_pipelining,
+ reject_non_fqdn_recipient,
+ reject_unknown_recipient_domain,
+ permit_mynetworks,
+ reject_unauth_destination,
+ check_sender_access
+ hash:/etc/postfix/sender_access,
# check_policy_service unix:postgrey/socket,
body_checks = regexp:/etc/postfix/body_checks