install_postfix_advanced.sh: Don't check greylist for connections from 127.0.0.25 (onion - tor hidden service).
This commit is contained in:
parent
f005ee55f8
commit
4a93bf4770
@ -576,7 +576,17 @@ mydestination =
|
|||||||
## - privileges than "strangers"
|
## - privileges than "strangers"
|
||||||
## -
|
## -
|
||||||
mynetworks =
|
mynetworks =
|
||||||
127.0.0.0/8
|
# +++++++++++++++++++++++++++++++++++++
|
||||||
|
# replace 127.0.0.1/8 with 127.0.0.1/32
|
||||||
|
# +++++++++++++++++++++++++++++++++++++
|
||||||
|
# So we can use i.e 127.0.0.25 (or any other 127.x.x.x address)
|
||||||
|
# to bind to hidden tor service on port 25 without having an
|
||||||
|
# open relay
|
||||||
|
#
|
||||||
|
# see also: https://github.com/ehloonion/onionmx/blob/master/open-relay.md
|
||||||
|
#
|
||||||
|
#127.0.0.0/8
|
||||||
|
127.0.0.1/32
|
||||||
[::ffff:127.0.0.0]/104
|
[::ffff:127.0.0.0]/104
|
||||||
[::1]/128
|
[::1]/128
|
||||||
${IPV4}/32
|
${IPV4}/32
|
||||||
@ -1449,6 +1459,17 @@ if [[ ! -f /etc/postfix/greylist_client_access_pcre ]]; then
|
|||||||
# - For clients matching the following rules greylisting check is applied.
|
# - For clients matching the following rules greylisting check is applied.
|
||||||
# ---
|
# ---
|
||||||
|
|
||||||
|
# Prevent connections at 127.0.0.25 (onion - tor hidden service) from greylisting
|
||||||
|
#
|
||||||
|
# Note:
|
||||||
|
# - DUNNO: Pretend, that the lookaup key (127.0.0.25) was not found. No further
|
||||||
|
# evaluation on this access table is done.
|
||||||
|
#
|
||||||
|
# - If 'tor hiddenservice' is supported, we bound it to 127.0.0.25 port 25.
|
||||||
|
# Since those connections are also marked as 'unknown', key below would match
|
||||||
|
# and greylisting would be triggered.
|
||||||
|
/127\\.0\\.0\\.25/ DUNNO
|
||||||
|
|
||||||
# unkown clients
|
# unkown clients
|
||||||
/^unknown$/ check_greylist
|
/^unknown$/ check_greylist
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user