From a7d33265b2aa39f2ea8559b1bfffbe060ef9dc65 Mon Sep 17 00:00:00 2001 From: System administrator Date: Mon, 10 Aug 2020 23:02:51 +0200 Subject: acl: add trusted_relay_hosts_ip list For trusted hosts for which no reverse host lookup should be made. --- conf.d/000_local.conf.example | 1 + conf.d/020_acl.conf | 2 ++ 2 files changed, 3 insertions(+) (limited to 'conf.d') diff --git a/conf.d/000_local.conf.example b/conf.d/000_local.conf.example index edb41fa..7726655 100644 --- a/conf.d/000_local.conf.example +++ b/conf.d/000_local.conf.example @@ -18,6 +18,7 @@ primary_hostname = domainlist local_domains = @ domainlist relay_to_domains = hostlist relay_from_hosts = localhost +hostlist trusted_relay_hosts_ip = hostlist trusted_relay_hosts = # (We rely upon hostname resolution working for localhost, because the default # uncommented configuration needs to work in IPv4-only environments.) diff --git a/conf.d/020_acl.conf b/conf.d/020_acl.conf index 04a5e0a..6d3addf 100644 --- a/conf.d/020_acl.conf +++ b/conf.d/020_acl.conf @@ -96,6 +96,8 @@ acl_mta_mail: require acl = acl_check_mail_introduction message = Courtesy protocol violation: $acl_m_msg + accept hosts = +trusted_relay_hosts_ip + require verify = reverse_host_lookup/defer_ok message = HELO/EHLO mismatch. -- cgit v1.2.3