Home | Comics | wishlist | Impressum | Datenschutzerklärung |

How to reject mail from wildcard MX domains

Many (cc)TLDs have wildcard A records, which make Postfix's built-in reject_unknown_sender_domain useless, since the wildcard entry makes every subdomain of such a (cc)TLD valid.

To find out more about this, search for "VeriSign SiteFinder".

The Postfix cure is:

smtpd_recipient_restrictions =
   check_sender_mx_access   cidr:/etc/postfix/wildcard_mx_records.cidr
/etc/postfix/wildcard_mx_records.cidr can be generated by this script.
© by Ralf Hildebrandt
This document contains links to external information sources that I do neither monitor nor control. I explicitly disclaim any liabilities in respect to external references.
You are getting this document without any guarantees. Any methods shown above are meant as demonstration and may be wrong in some place. You may damage your system if you try to follow my hints and instructions. You do this at your own risk!

This file was last modified 13. Sep 2007 by root