Allow overriding HELO checks

Bug #2019263 reported by Haw Loeung
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
SMTP Relay Charm
Triaged
Wishlist
Unassigned

Bug Description

Hi,

When reject on HELO checks are enabled (such as reject_non_fqdn_helo_hostname and reject_unknown_helo_hostname), there doesn't appear to be a way to override or whitelist for specific domains/hostnames. The charm should support a way to specify a set of domains/hostnames to whitelist.

Haw Loeung (hloeung)
Changed in smtp-relay-charm:
importance: Undecided → Wishlist
status: New → Triaged
Revision history for this message
James Simpson (jsimpso) wrote :

Did some reading before I realised we had a bug for this, saved some links that might be useful to us:

https://serverfault.com/questions/202978/can-i-make-an-exception-to-reject-unknown-client-hostname#203021

https://serverfault.com/questions/1123359/postfix-white-listing-a-badly-configured-server-not-working-helo-command-reject

https://serverfault.com/questions/527541/postfix-whitelist-host-for-specific-sender

----

I'm sure we'd be better off applying exclusions in "smtpd_helo_restrictions" if possible to limit the scope of the checks we're affecting, but we could consider editing "smtpd_recipient_restrictions" to move "reject_non_fqdn_helo_hostname, reject_unknown_helo_hostname" to the back of the list, behind "check_sender_access".

That check leverages `/etc/postfix/access` which is charm managed, which may be an avenue we could use to implement this feature.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.