install_postfix_advanced.sh: Don't check greylist for connections from 127.0.0.25 (onion - tor hidden service).
This commit is contained in:
parent
f005ee55f8
commit
4a93bf4770
@ -576,7 +576,17 @@ mydestination =
|
||||
## - privileges than "strangers"
|
||||
## -
|
||||
mynetworks =
|
||||
127.0.0.0/8
|
||||
# +++++++++++++++++++++++++++++++++++++
|
||||
# replace 127.0.0.1/8 with 127.0.0.1/32
|
||||
# +++++++++++++++++++++++++++++++++++++
|
||||
# So we can use i.e 127.0.0.25 (or any other 127.x.x.x address)
|
||||
# to bind to hidden tor service on port 25 without having an
|
||||
# open relay
|
||||
#
|
||||
# see also: https://github.com/ehloonion/onionmx/blob/master/open-relay.md
|
||||
#
|
||||
#127.0.0.0/8
|
||||
127.0.0.1/32
|
||||
[::ffff:127.0.0.0]/104
|
||||
[::1]/128
|
||||
${IPV4}/32
|
||||
@ -1449,6 +1459,17 @@ if [[ ! -f /etc/postfix/greylist_client_access_pcre ]]; then
|
||||
# - For clients matching the following rules greylisting check is applied.
|
||||
# ---
|
||||
|
||||
# Prevent connections at 127.0.0.25 (onion - tor hidden service) from greylisting
|
||||
#
|
||||
# Note:
|
||||
# - DUNNO: Pretend, that the lookaup key (127.0.0.25) was not found. No further
|
||||
# evaluation on this access table is done.
|
||||
#
|
||||
# - If 'tor hiddenservice' is supported, we bound it to 127.0.0.25 port 25.
|
||||
# Since those connections are also marked as 'unknown', key below would match
|
||||
# and greylisting would be triggered.
|
||||
/127\\.0\\.0\\.25/ DUNNO
|
||||
|
||||
# unkown clients
|
||||
/^unknown$/ check_greylist
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user