Use sender verification instead of recipient verification, limit connections

2025-04-25 16:06:55 +10:00 · 2025-04-25 16:06:55 +10:00 · 94514235cd
commit 94514235cd
parent 443d18025d
1 changed files with 2 additions and 2 deletions
--- a/include/01-custom.cf
+++ b/include/01-custom.cf
@ -1,4 +1,5 @@
 smtp_host_lookup = native,dns
+smtpd_client_connection_rate_limit = 5
 message_size_limit = 25600000
 queue_minfree = 51200000
 smtpd_helo_required = yes
@ -24,10 +25,9 @@ smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, rej
 #reject_rhsbl_helo           @SPAMHAUS_DQS_KEY@.zrd.dq.spamhaus.net=127.0.2.[2..24],
 #reject_rhsbl_reverse_client @SPAMHAUS_DQS_KEY@.zrd.dq.spamhaus.net=127.0.2.[2..24],
 #reject_rbl_client           @SPAMHAUS_DQS_KEY@.zen.dq.spamhaus.net=127.0.0.[2..255],
-  reject_unverified_recipient,
  check_policy_service unix:private/policyd-spf
 rbl_reply_maps = lmdb:/etc/postfix/custom/dnsbl-reply-map
-smtpd_sender_restrictions = permit_sasl_authenticated, check_sender_access lmdb:/etc/postfix/custom/sender_access, reject_non_fqdn_sender, reject_unknown_sender_domain
+smtpd_sender_restrictions = permit_sasl_authenticated, check_sender_access lmdb:/etc/postfix/custom/sender_access, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unverified_sender
 unverified_recipient_reject_code = 450
 unverified_recipient_reject_reason = No user at this address
 postscreen_greet_action = enforce