I want to configure Postfix to reject spam from the Internet. I found the following example here:
smtpd_client_restrictions = permit_mynetworks, reject
smtpd_helo_restrictions = reject_unknown_helo_hostname
smtpd_sender_restrictions = reject_unknown_sender_domain
smtpd_relay_restrictions = permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination
reject_rbl_client zen.spamhaus.org,
reject_rhsbl_reverse_client dbl.spamhaus.org,
reject_rhsbl_helo dbl.spamhaus.org,
reject_rhsbl_sender dbl.spamhaus.org
smtpd_data_restrictions = reject_unauth_pipelining
But when I sent an e-mail to my domain from a Gmail account it got blocked. I then changed:
smtpd_client_restrictions = permit_mynetworks, reject
to:
smtpd_client_restrictions = permit_mynetworks, reject_unknown_client_hostname
and now my mail server seems to work.
Is this example provided by postfix.org a best practise or should I strengthen/weaken it?