- don't block mails from localhost

- added postfix-mxaccess for freebsd refs #119
2010-04-07 10:52:15 +00:00
parent 5f9d90a293
commit 1839264f7a
8 changed files with 47 additions and 5 deletions
--- a/lib/configfiles/freebsd.inc.php
+++ b/lib/configfiles/freebsd.inc.php
@@ -112,6 +112,19 @@ return Array(
 							'sh /usr/local/etc/rc.d/postfix restart'
 						)
 					),
+					'postfix_mxaccess' => Array(
+						'label' => 'Postfix MX-Access (anti spam)',
+						'files' => Array(
+							'etc_postfix_mx_access' => '/usr/local/etc/postfix/mx_access',
+							'etc_postfix_main.cf' => '/usr/local/etc/postfix/main.cf'
+						),
+						'commands_1' => Array(
+							'postmap /etc/postfix/mx_access'
+						),
+						'restart' => Array(
+							'/etc/init.d/postfix restart'
+						)
+					),
 					'dkim' => Array(
 						'label' => 'DomainKey filter',
 						'commands' => Array(
--- a/templates/misc/configfiles/debian_etch/postfix_mxaccess/etc_postfix_mx_access
+++ b/templates/misc/configfiles/debian_etch/postfix_mxaccess/etc_postfix_mx_access
@@ -1,6 +1,5 @@
 0.0.0.0/8         REJECT Domain MX in broadcast network
 10.0.0.0/8        REJECT Domain MX in RFC 1918 private network
-127.0.0.0/8       REJECT Domain MX in loopback network
 169.254.0.0/16    REJECT Domain MX in link local network
 172.16.0.0/12     REJECT Domain MX in RFC 1918 private network
 192.0.2.0/24      REJECT Domain MX in TEST-NET network
--- a/templates/misc/configfiles/debian_lenny/postfix_mxaccess/etc_postfix_mx_access
+++ b/templates/misc/configfiles/debian_lenny/postfix_mxaccess/etc_postfix_mx_access
@@ -1,6 +1,5 @@
 0.0.0.0/8         REJECT Domain MX in broadcast network
 10.0.0.0/8        REJECT Domain MX in RFC 1918 private network
-127.0.0.0/8       REJECT Domain MX in loopback network
 169.254.0.0/16    REJECT Domain MX in link local network
 172.16.0.0/12     REJECT Domain MX in RFC 1918 private network
 192.0.2.0/24      REJECT Domain MX in TEST-NET network
--- a/templates/misc/configfiles/freebsd/postfix_mxaccess/etc_postfix_main.cf
+++ b/templates/misc/configfiles/freebsd/postfix_mxaccess/etc_postfix_main.cf
@@ -0,0 +1,25 @@
+#
+# ATTENTION - this is not the full postfix-main.cf file
+#
+# it only provides additional configuration-entries!
+#
+
+#
+# look for the follow statement
+#
+smtpd_recipient_restrictions = permit_mynetworks,
+	permit_sasl_authenticated,
+	reject_unauth_destination,
+	reject_unauth_pipelining,
+	reject_non_fqdn_recipient
+
+#
+# and extend it with the following line
+# so it looks like this
+#
+smtpd_recipient_restrictions = permit_mynetworks,
+	permit_sasl_authenticated,
+	reject_unauth_destination,
+	reject_unauth_pipelining,
+	reject_non_fqdn_recipient,
+	check_recipient_mx_access cidr:/usr/local/etc/postfix/mx_access
--- a/templates/misc/configfiles/freebsd/postfix_mxaccess/etc_postfix_mx_access
+++ b/templates/misc/configfiles/freebsd/postfix_mxaccess/etc_postfix_mx_access
@@ -0,0 +1,9 @@
+0.0.0.0/8         REJECT Domain MX in broadcast network
+10.0.0.0/8        REJECT Domain MX in RFC 1918 private network
+169.254.0.0/16    REJECT Domain MX in link local network
+172.16.0.0/12     REJECT Domain MX in RFC 1918 private network
+192.0.2.0/24      REJECT Domain MX in TEST-NET network
+192.168.0.0/16    REJECT Domain MX in RFC 1918 private network
+224.0.0.0/4       REJECT Domain MX in class D multicast network
+240.0.0.0/5       REJECT Domain MX in class E reserved network
+248.0.0.0/5       REJECT Domain MX in reserved network
--- a/templates/misc/configfiles/gentoo/postfix_mxaccess/etc_postfix_mx_access
+++ b/templates/misc/configfiles/gentoo/postfix_mxaccess/etc_postfix_mx_access
@@ -1,6 +1,5 @@
 0.0.0.0/8         REJECT Domain MX in broadcast network
 10.0.0.0/8        REJECT Domain MX in RFC 1918 private network
-127.0.0.0/8       REJECT Domain MX in loopback network
 169.254.0.0/16    REJECT Domain MX in link local network
 172.16.0.0/12     REJECT Domain MX in RFC 1918 private network
 192.0.2.0/24      REJECT Domain MX in TEST-NET network
--- a/templates/misc/configfiles/suse_linux_10_0/postfix_mxaccess/etc_postfix_mx_access
+++ b/templates/misc/configfiles/suse_linux_10_0/postfix_mxaccess/etc_postfix_mx_access
@@ -1,6 +1,5 @@
 0.0.0.0/8         REJECT Domain MX in broadcast network
 10.0.0.0/8        REJECT Domain MX in RFC 1918 private network
-127.0.0.0/8       REJECT Domain MX in loopback network
 169.254.0.0/16    REJECT Domain MX in link local network
 172.16.0.0/12     REJECT Domain MX in RFC 1918 private network
 192.0.2.0/24      REJECT Domain MX in TEST-NET network
--- a/templates/misc/configfiles/ubuntu_hardy/postfix_mxaccess/etc_postfix_mx_access
+++ b/templates/misc/configfiles/ubuntu_hardy/postfix_mxaccess/etc_postfix_mx_access
@@ -1,6 +1,5 @@
 0.0.0.0/8         REJECT Domain MX in broadcast network
 10.0.0.0/8        REJECT Domain MX in RFC 1918 private network
-127.0.0.0/8       REJECT Domain MX in loopback network
 169.254.0.0/16    REJECT Domain MX in link local network
 172.16.0.0/12     REJECT Domain MX in RFC 1918 private network
 192.0.2.0/24      REJECT Domain MX in TEST-NET network