From c9694f0cae9eb845a63c13793a76850cf8f531b7 Mon Sep 17 00:00:00 2001 From: Brennan Kinney <5098581+polarathene@users.noreply.github.com> Date: Thu, 20 Feb 2025 16:32:54 +1300 Subject: [PATCH] chore: Prepend to our custom parameter variant to retain applying to all `smtpd` ports --- target/postfix/main.cf | 5 +++-- target/scripts/startup/setup.d/postfix.sh | 4 ++-- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/target/postfix/main.cf b/target/postfix/main.cf index d501eec0..518e2dc5 100644 --- a/target/postfix/main.cf +++ b/target/postfix/main.cf @@ -68,9 +68,10 @@ smtpd_forbid_bare_newline = yes # smtpd_forbid_bare_newline_exclusions = $mynetworks # Custom defined parameters for DMS: -# reject_unknown_sender_domain: https://github.com/docker-mailserver/docker-mailserver/issues/3716#issuecomment-1868033234 +# Custom sender restrictions overview: https://github.com/docker-mailserver/docker-mailserver/pull/4379#issuecomment-2670365917 +# `reject_unknown_sender_domain`: https://github.com/docker-mailserver/docker-mailserver/issues/3716#issuecomment-1868033234 dms_smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unknown_sender_domain -# Submission ports 587 and 465 support for SPOOF_PROTECTION=1 +# `SPOOF_PROTECTION=1` support requires prepending `reject_authenticated_sender_login_mismatch` mua_sender_restrictions = reject_authenticated_sender_login_mismatch, $dms_smtpd_sender_restrictions # Postscreen settings to drop zombies/open relays/spam early diff --git a/target/scripts/startup/setup.d/postfix.sh b/target/scripts/startup/setup.d/postfix.sh index e48d9f6c..9e9370ab 100644 --- a/target/scripts/startup/setup.d/postfix.sh +++ b/target/scripts/startup/setup.d/postfix.sh @@ -99,11 +99,11 @@ function _setup_postfix_late() { # https://www.postfix.org/access.5.html __postfix__log 'trace' 'Configuring user access' if [[ -f /tmp/docker-mailserver/postfix-send-access.cf ]]; then - sed -i -E 's|^#?(smtpd_sender_restrictions =)|\1 check_sender_access texthash:/tmp/docker-mailserver/postfix-send-access.cf,|' /etc/postfix/main.cf + sed -i -E 's|^(dms_smtpd_sender_restrictions =)|\1 check_sender_access texthash:/tmp/docker-mailserver/postfix-send-access.cf,|' /etc/postfix/main.cf fi if [[ -f /tmp/docker-mailserver/postfix-receive-access.cf ]]; then - sed -i -E 's|^#?(smtpd_recipient_restrictions =)|\1 check_recipient_access texthash:/tmp/docker-mailserver/postfix-receive-access.cf,|' /etc/postfix/main.cf + sed -i -E 's|^(dms_smtpd_recipient_restrictions =)|\1 check_recipient_access texthash:/tmp/docker-mailserver/postfix-receive-access.cf,|' /etc/postfix/main.cf fi __postfix__log 'trace' 'Configuring relay host'