[BlueOnyx:24502] Re: Postfix config

Dirk Estenfeld dirk.estenfeld at blackpoint.de
Fri Nov 13 04:52:28 -05 2020 

Hello Michael,

generally a good thing.
But can you please check the box "Accept from unresolvable domains" by
default instead of not checking it by default?
Because mail clients do not always send an FQDN. I just had this with a
customer who had several users with Outlook who could no longer send
because:

Nov 13 10:17:23 web1 postfix/submission/smtpd[1469325]: NOQUEUE: reject:
RCPT from unknown[1.2.3.4]: 504 5.5.2 <GLCAHAUS01>: Helo command rejected:
need fully-qualified hostname; from=<info at senderdomain.de>
to=<some at recipient.de> proto=ESMTP helo=<GLCAHAUS01>

I have set the check. Now it's working again.
Not everyone has a local mail server or uses o365.
Therefore it would be good to have this limitation optional and not per
default.

Best regards,
Dirk

 
blackpoint GmbH – Friedberger Straße 106b – 61118 Bad Vilbel 

 
-----Ursprüngliche Nachricht-----
Von: Blueonyx <blueonyx-bounces at mail.blueonyx.it> Im Auftrag von Michael
Stauber
Gesendet: Donnerstag, 12. November 2020 22:09
An: blueonyx at mail.blueonyx.it
Betreff: [BlueOnyx:24498] Re: Postfix config

Hi Ernie,

Earlier I wrote:
> That way you could create your own /root/custom-postfix-confgen file 
> and could put all the "postconf -e" commands into it that you want to 
> apply to the Postfix configuration *after* the auto-configure has run. 
> That would allow you to override any Postfix setting and make it stick 
> through updates and other changes.

I just published YUM updates for 5210R that introduce this change to
Postfix:

smtpd_sender_restrictions is set to either ...

postconf -e 'smtpd_sender_restrictions = permit_mynetworks,
check_sender_access hash:/etc/postfix/access'

... or ...

postconf -e 'smtpd_sender_restrictions = permit_mynetworks,
reject_unknown_sender_domain, reject_non_fqdn_sender,
reject_non_fqdn_hostname, reject_unknown_reverse_client_hostname,
reject_unknown_client_hostname, check_sender_access
hash:/etc/postfix/access'

... depending if "Accept from unresolvable domains" is enabled or disabled
in the GUI.

The second set of parameters is the new default. Means: We do strict
checking.

Additionally a new script was added:

/usr/sausalito/bin/custom-postfix-confgen.sh

This script will never be changed during YUM updates and you can put into it
your own "postconf -e" config changes to Postfix. These will be executed
automatically on Postfix restarts *after* the GUI has finished its
auto-configuration of Postfix.

Essentially /usr/sausalito/bin/custom-postfix-confgen.sh allows you to
reconfigure Postfix entirely - if you wish. So use it with caution. An
example is included in the script itself.

--
With best regards

Michael Stauber
_______________________________________________
Blueonyx mailing list
Blueonyx at mail.blueonyx.it
http://mail.blueonyx.it/mailman/listinfo/blueonyx
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5506 bytes
Desc: not available
URL: <http://mail.blueonyx.it/pipermail/blueonyx/attachments/20201113/2914f7b3/attachment.p7s>

More information about the Blueonyx mailing list