Enhancement #2768
Relax Postix restrictions for whitelisted senders
| Status: | CLOSED | Start date: | ||
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assignee: | - | % Done: | 100% | |
| Category: | nethserver-mail-filter | |||
| Target version: | v6.5 | |||
| Resolution: | NEEDINFO: | No |
Description
The amavisd/SenderWhitelist prop is honoured by amavisd to bypass spam checks. Anyway, Postfix still enforces reject_unknown_sender_domain rule in smtpd_sender_restrictions. Thus a mail from a non existent domain can't be delivered even if the sender domain is whitelisted.
Honour amavisd/SenderWhitelist prop in smtpd_sender_restrictions.
[ Rif Nethesis 2014061110000058 ]
Example scenario: some internal servers (with a .local domain) send email notifications to NethServer. Emails are refused because the sender domain does not exist.
Associated revisions
main.cf: removed SMTP compliance checks. Refs #2768
This kind of restrictions are now enforced by mail-filter.
postfix/main.cf: enforce strict checks on helo, sender, recipient addresses. Refs #2768
Imported restrictions from mail-common.
main.cf: fragment refactor. Refs #2768
postfix sender_access table template: whitelisted senders skip strict sender checks. Refs #2768
History
#1
Updated by Davide Principi almost 7 years ago
- Status changed from TRIAGED to ON_DEV
- Assignee set to Davide Principi
- % Done changed from 20 to 30
In branch b2750
#2
Updated by Davide Principi almost 7 years ago
- Status changed from ON_DEV to MODIFIED
- Assignee deleted (
Davide Principi) - % Done changed from 30 to 60
Test case
- Install
nethserver-mail-devpackage forsmtptestcommand - Update to modified version
unknown.tlddomain does not exist and must be rejected:# smtptest --ehlo vboxnet1.tld --to primo.utente@vboxnet0.tld --from davidep@unknown.tld --addr 8.8.8.8 --port 25 ... Sender address rejected: Domain not found;...- Add
unknown.tldto sender whitelist in server-manager underMail > Filtertab - Repeat the previous command: the message now must be accepted
#3
Updated by Davide Principi almost 7 years ago
- Status changed from MODIFIED to ON_QA
- % Done changed from 60 to 70
In nethserver-testing:
nethserver-mail-common-1.3.3-1.19git5aeec2c.ns6.noarch.rpm
nethserver-mail-server-1.7.0-1.9git836d38e.ns6.noarch.rpm
nethserver-mail-filter-1.1.6-5.0git2ea5d3e8.ns6.noarch.rpm
#4
Updated by Giacomo Sanchietti almost 7 years ago
- Assignee set to Giacomo Sanchietti
#5
Updated by Giacomo Sanchietti almost 7 years ago
- Status changed from ON_QA to VERIFIED
- Assignee deleted (
Giacomo Sanchietti) - % Done changed from 70 to 90
Before adding the exception:
[root@testserver ~]# smtptest --ehlo vboxnet1.tld --to test3@mydomain.loc --from me@mydom11.org --addr 8.8.8.8 --port 25 4.1.8 <me@mydom11.org>: Sender address rejected: Domain not found
After adding the exception:
[root@testserver ~]# smtptest --ehlo vboxnet1.tld --to test3@mydomain.loc --from me@mydom11.org --addr 8.8.8.8 --port 25 [root@testserver ~]# echo $? 0
#6
Updated by Giacomo Sanchietti almost 7 years ago
- Status changed from VERIFIED to CLOSED
- % Done changed from 90 to 100
- nethserver-mail-server-1.8.0-1.ns6.noarch.rpm
- nethserver-mail-common-1.4.0-1.ns6.noarch.rpm
- nethserver-mail-filter-1.2.0-1.ns6.noarch.rpm