github-personal/Mailu
1
0
Fork 0
mirror of https://github.com/outbackdingo/Mailu.git synced 2026-01-27 18:19:36 +00:00
Code Issues Packages Projects Releases Wiki Activity

Restrict XHOST to where useful

Browse Source
This commit is contained in:
Florent Daigniere
2023-01-04 09:40:52 +01:00
parent bf0c345bb9
commit b263db72df
2 changed files with 1 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
core/postfix/conf/main.cf
View File

@@ -40,9 +40,6 @@ smtp_sasl_tls_security_options = noanonymous
# Recipient delimiter for extended addresses
recipient_delimiter = {{ RECIPIENT_DELIMITER }}
# We need to allow everything to do xclient and rely on front to filter-out "bad" requests
smtpd_authorized_xclient_hosts=0.0.0.0/0 [::0]/0
###############
# TLS
###############

1
core/postfix/conf/master.cf
View File

@@ -11,6 +11,7 @@ smtp inet n - n - 1 smtpd
-o smtpd_client_restrictions=$check_ratelimit,reject_unlisted_sender,reject_authenticated_sender_login_mismatch,permit
-o smtpd_reject_unlisted_recipient={% if REJECT_UNLISTED_RECIPIENT %}{{ REJECT_UNLISTED_RECIPIENT }}{% else %}no{% endif %}
-o cleanup_service_name=outclean
-o smtpd_authorized_xclient_hosts={{ SUBNET}},{{ SUBNET6 }}
outclean unix n - n - 0 cleanup
-o header_checks=pcre:/etc/postfix/outclean_header_filter.cf
-o nested_header_checks=