infra-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Chris Lambertus (JIRA)" <>
Subject [jira] [Commented] (INFRA-12309) block invalid inbound email
Date Tue, 25 Jun 2019 04:54:00 GMT


Chris Lambertus commented on INFRA-12309:

This will be tested with a new MX server rollout planned in the next few days, implemented
via postfix-policyd-spf-python and an initial setup to force fail non-matching SPF records:

Reject_Not_Pass_Domains =

This will ensure that any mail coming into the new external border MX server purporting to
be from must originate from a server on our SPF list. This is an interim step
prior to switching our DNS SPF record from ~all to -all.

[~gstein] fyi

> block invalid inbound email
> --------------------------------------
>                 Key: INFRA-12309
>                 URL:
>             Project: Infrastructure
>          Issue Type: Planned Work
>          Components: Mailing Lists
>            Reporter: Chris Lambertus
>            Assignee: Chris Lambertus
>            Priority: Major
> Evaluate using check_sender_access along with mynetworks to reject mail from
that doesn't match our internal mail relays/networks. 

This message was sent by Atlassian JIRA

View raw message