I like to keep higher than “normal” security on our email servers. One such setting in Postfix is:
smtpd_helo_required = yes
Along with this setting enabled, you need to specify who is allowed and who should be blocked via:
smtpd_helo_restrictions = [bunch of settings here...]
In this article, I will be discussing:
smtpd_helo_restrictions = permit_mynetworks, check_helo_access regexp:/etc/postfix/helo_access, [other options not discussed]
I think that blocking mail servers that don’t properly have DNS set up is a GOOD thing. There are plenty of servers that don’t meet RFC specifications, many of which are spammers who don’t want their server discoverable via DNS routes...
Read More