Commit 0534faf6 authored by Claudemir Todo Bom's avatar Claudemir Todo Bom

* allow multiple submitter an relay hosts

parent 02ad6eaa
Pipeline #200 passed with stage
in 1 minute and 27 seconds
......@@ -32,10 +32,10 @@ WW_POSTMASTER=postmaster@example.com
#WW_MULTIPLE_DEFAULT="192.0.2.1 ; 2001:db8::1"
### define host de relay (apenas 1 permitido) #FIXME
### define relay hosts (separated by ";")
#WW_RELAYERS=
### define host específico para envio (apenas 1 permitido) #FIXME
### define trusted submitter hosts (separated by ";")
#WW_SUBMITTERS=
### enable smtp hooked scripts on /usr/local/share/mailscripts
......
......@@ -8,10 +8,14 @@
.ifndef WW_RELAYERS
WW_RELAYERS=
.else
WW_RELAYERS==${sg{WW_RELAYERS}{"}{}}
.endif
.ifndef WW_SUBMITTERS
WW_SUBMITTERS=
.else
WW_SUBMITTERS==${sg{WW_SUBMITTERS}{"}{}}
.endif
#### Configurações Básicas
......@@ -79,9 +83,9 @@ domainlist relay_domains = :
localpartlist CLEARRCPT = postmaster : abuse
hostlist localhost = <; 127.0.0.1 ; ::1
hostlist relay_hosts = <; 127.0.0.1 ; ::1
hostlist relayers = <; 127.0.0.1 ; WW_RELAYERS ; WW_SUBMITTERS
hostlist localhost = <; 127.0.0.0/8 ; ::1
hostlist submitter_hosts = <; 127.0.0.0/8 ; ::1 ; WW_SUBMITTERS
hostlist relayers = <; 127.0.0.0/8 ; ::1 ; WW_RELAYERS ; WW_SUBMITTERS
hostlist auth_relay_hosts = *
......@@ -236,7 +240,7 @@ smtp_accept_queue_per_connection = 100
# numero maximo de conexoes
smtp_reserve_hosts = +relay_hosts
smtp_reserve_hosts = +submitter_hosts
smtp_accept_max = 350
smtp_accept_reserve = 150
smtp_accept_max_per_host = 20
......@@ -415,9 +419,9 @@ check_recipient:
local_parts = +CLEARRCPT
set acl_m0 = do-not-reject
warn hosts = +relay_hosts:127.0.0.1/8
warn hosts = +submitter_hosts : +relayers
set acl_m0 = do-not-scan
log_message = DISABLE_SA will not reject relay hosts
log_message = DISABLE_SA will not reject relay and submitter hosts
warn authenticated = *
set acl_m0 = do-not-scan
......@@ -523,24 +527,24 @@ check_recipient:
message = 2.1.5 Submission accepted
## ratelimit para relay hosts
deny hosts = +relay_hosts
## ratelimit for submitter hosts
deny hosts = +submitter_hosts
ratelimit = 1000 / 5h / per_rcpt / strict / $sender_host_address
message = 5.7.1 rate exceeded
log_message = Authorized host sender rate limited exceeded for $sender_host_address: $sender_rate/$sender_rate_period
deny hosts = +relay_hosts
deny hosts = +submitter_hosts
ratelimit = 300 / 10m / per_rcpt / strict / $sender_host_address
message = 5.7.1 rate exceeded
log_message = Authorized host sender rate limited exceeded for $sender_host_address: $sender_rate/$sender_rate_period
warn hosts = +relay_hosts
warn hosts = +submitter_hosts
ratelimit = 0 / 10m / per_rcpt / strict / $sender_host_address
log_message = Authorized host sender rate $sender_rate / $sender_rate_period
## aceita emails originados pelos relays
accept hosts = +relay_hosts
message = 2.1.5 Accepted from relay
## accept messages sent by submitter hosts
accept hosts = +submitter_hosts
message = 2.1.5 Accepted from submitter host
## nega envio a dominios externos
......@@ -548,10 +552,6 @@ check_recipient:
message = 5.7.1 relay to $domain denied
log_message = REFUSED: [relay denied] to $domain for $sender_host_address
warn hosts = +relayers
set acl_m0 = do-not-scan
log_message = DISABLE_SA will not scan from relayers
## blacklist por hostname
#deny condition = ${lookup mysql{select count(suffix) from hostblacklist where '${sender_host_name}' LIKE concat('%',lower(suffix)) }}
# message = 5.7.1 hostname blacklisted: ${sender_host_name}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment