Mitigate smuggling setting smtpd_discard_ehlo_keywords.
This commit is contained in:
parent
5fc53ea968
commit
cfc40d98ca
|
@ -621,6 +621,9 @@ smtpd_recipient_restrictions =
|
|||
reject_rbl_client {{ postfix_rbl_list }}
|
||||
{% endif %}
|
||||
|
||||
{% if postfix_mx_server %}
|
||||
smtpd_discard_ehlo_keywords = chunking
|
||||
{% endif %}
|
||||
smtpd_client_restrictions =
|
||||
permit_mynetworks
|
||||
permit_inet_interfaces
|
||||
|
@ -654,6 +657,7 @@ smtpd_sasl_authenticated_header = yes
|
|||
broken_sasl_auth_clients = yes
|
||||
# Block clients that speak too early.
|
||||
smtpd_data_restrictions = reject_unauth_pipelining
|
||||
smtpd_discard_ehlo_keywords = chunking
|
||||
{% endif %}
|
||||
{% if postfix_reject_sender_login_mismatch %}
|
||||
smtpd_sender_login_maps =
|
||||
|
|
Loading…
Reference in New Issue