Postfix - where to setup the you are not me option?
-
Hey Everyone,
I'm trying to stop e-mail spoofing our domain by using "you are not me" method following the instruction from the link below but with pfsense file structure. Everything works great until i do anything via the web gui and after a saved, the setting inside main.cf remove check_helo_access hash:/usr/local/etc/postfix/helo.access . Now every morning I'm getting an e-mail message from me sending to me, telling me about a job offer to work from home >:(.
reference from: http://www.bowe.id.au/michael/isp/postfix-server.htm
vi /usr/local/etc/postfix/helo.access
## Deny connections from people forging our hostnames
mail.yourdomain.com REJECT You are not me
mail-mx.yourdomain.com REJECT You are not memail.domain1.com REJECT You are not me
mail.domain2.com REJECT You are not me
mail.domain3.com REJECT You are not mepostmap /usr/local/etc/postfix/helo.access
vi /usr/local/etc/postfix/main.cf
smtpd_helo_required = yes
smtpd_helo_restrictions =
permit_mynetworks,
check_helo_access hash:/usr/local/etc/postfix/helo.access,
# warn_if_reject,
reject_invalid_helo_hostname,
permitpostfix reload
-
All config is created by package gui. If you need to include a file hack, do it on postfix.inc
Are you using latest version? did you configured helo acl?
-
Thanks for responding,
I using 2.0.2-RELEASE, if it does make a different i can definitely update to the latest version.
I did enable the Antispam -> Helo Hostname -> checked, but people in my office saying they're not getting e-mail from legitimate sender. I assume this must have block some host using outside e-mail server that doesn't match their dns record. Where is the helo acl area? is this part of the new release?Thanks again,
-
-
Using the following version:
2.0.3-RELEASE (amd64)
built on Fri Apr 12 10:27:15 EDT 2013
FreeBSD 8.1-RELEASE-p13I can't seem to get this working, i added my domain under services->postfix forwarder->access lists->helo
/^mydomain.org/ REJECT
Still, i'm getting e-mail send to me by me from an outsider source.
Perhaps, i'm placing it in the wrong place? Any help would greatly appreciated.
-
Many spams send a correct header but on mail change sender info on mail data.
on my setup I do not use the ^ on helo info
my domain restrictions are placed on acls helo and sender field