Check internal_domains for outgoing mail.
This commit is contained in:
Stuart Gathman
+13
-8
@@ -1,25 +1,29 @@
|
||||
[milter]
|
||||
# the socket used to communicate with sendmail. Must match sendmail.cf
|
||||
;socket=/var/run/milter/pythonsock
|
||||
socket=/var/run/milter/pythonsock
|
||||
# where to save original copies of defanged and failed messages
|
||||
tempdir = /var/log/milter/save
|
||||
# how long to wait for a response from sendmail before giving up
|
||||
;timeout=600
|
||||
log_headers = 0
|
||||
# connection ips and hostnames are matched against this glob style list
|
||||
# to recognize internal senders
|
||||
# to recognize internal senders.
|
||||
;internal_connect = 192.168.*.*
|
||||
|
||||
# mail that is not an internal_connect and claims to be from an
|
||||
# internal domain is rejected. You should enable SPF instead if you can.
|
||||
# SPF is much more comprehensive and flexible.
|
||||
# internal domain is rejected. Furthermore, internal mail that
|
||||
# does not claim to be from an internal domain is rejected.
|
||||
# You should enable SPF instead if you can. SPF is much more comprehensive and
|
||||
# flexible. However, SPF is not currently checked for outgoing
|
||||
# (internal_connect) mail because it doesn't yet handle authorizing
|
||||
# internal IPs locally.
|
||||
;internal_domains = mycorp.com
|
||||
|
||||
# connections from a trusted relay can trust the first Received header
|
||||
# SPF checks are bypassed for internal connections and trusted relays.
|
||||
;trusted_relay = 1.2.3.4, 66.12.34.56
|
||||
|
||||
# reject external senders with hello names no legit external sender would use
|
||||
# Reject external senders with hello names no legit external sender would use.
|
||||
# SPF will do this also, but listing your own domain and mailserver here
|
||||
# will save some DNS lookups when rejecting certain viruses.
|
||||
;hello_blacklist = mycorp.com, 66.12.34.56
|
||||
@@ -46,7 +50,7 @@ porn_words = penis, breast, pussy, horse cock, porn, xenical, diet pill, d1ck,
|
||||
p-e-n-i-s, hydrocodone, vicodin, xanax, vicod1n, x@nax, diazepam,
|
||||
v1@gra, xan@x, cialis, ci@lis, frëe, xãnax, valíum, vãlium, via-gra,
|
||||
x@n3x, vicod3n, penís, c0d1n, phentermine, en1arge, dip1oma, v1codin,
|
||||
valium, rolex, sexual
|
||||
valium, rolex, sexual, fuck
|
||||
# reject mail with these case sensitive strings in the subject
|
||||
spam_words = $$$, !!!, XXX, FREE, HGH
|
||||
# attachments with these extensions will be replaced with a warning
|
||||
@@ -76,9 +80,10 @@ reject_spoofed = 0
|
||||
;reject_neutral = aol.com
|
||||
# use a default (v=spf1 a/24 mx/24 ptr) when no SPF records are published
|
||||
;best_guess = 0
|
||||
# reject senders that have neither PTR nor SPF records, or DSN if false
|
||||
# Reject senders that have neither PTR nor valid HELO nor SPF records, or send
|
||||
# DSN otherwise
|
||||
;reject_noptr = 0
|
||||
# always accept softfail from these domains, or DSN otherwise
|
||||
# always accept softfail from these domains, or send DSN otherwise
|
||||
;accept_softfail = bounces.amazon.com
|
||||
|
||||
# features intended to clean up outgoing mail
|
||||
|
||||
Reference in New Issue
Block a user