Hello
I cant find anything about rDNS in EFA.
Is EFA secured by no rDNS filter/module ? Can it be changed/modified ?
Perfect options would be:
(at least the first one)
1. Reject connections where no reverse DNS record exists for the connecting IP address
2. Reject connections where the reverse DNS record exists for the connecting IP address, but the 'A' or 'AAAA' record of the resulting domain does not match the connecting IP address
3. Reject connections where the domain provided at HELO and EHLO has neither an 'A', nor an 'AAAA', nor an 'MX' record in DNS
4. Reject messages where the domain provided in the MAIL FROM address has neither an 'A', nor an 'AAAA', nor an 'MX' record in DNS
rDNS in EFA
Re: rDNS in EFA
This is all handled by the postfix configuration in EFA.
Specifically, if I look in /etc/postfix/main.cf, I can see the following options are set
Does that help?
edit: more information about securing postfix here. (Remember that postfix is probably already well configured in EFA)
Specifically, if I look in /etc/postfix/main.cf, I can see the following options are set
Sorry, Today, I'm too lazy to check out all those postfix options and tell you what they mean, but a quick glance at the above options suggests they've already turned on the options to immediately reject mail from invalid senders before it gets into EFA.smtpd_helo_restrictions = check_helo_access hash:/etc/postfix/helo_access, reject_invalid_hostname
smtpd_sender_restrictions = permit_sasl_authenticated, check_sender_access hash:/etc/postfix/sender_access, reject_non_fqdn_sender, reject_unknown_sender_domain
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_client_restrictions = permit_sasl_authenticated, reject_rbl_client zen.spamhaus.org
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_non_fqdn_recipient, reject_unknown_recipient_domain, check_recipient_access hash:/etc/postfix/recipient_access, check_policy_service inet:127.0.0.1:2501
Does that help?
edit: more information about securing postfix here. (Remember that postfix is probably already well configured in EFA)
Re: rDNS in EFA
that is all i wanted to know, thank You AGAIN