aboutsummaryrefslogtreecommitdiff
path: root/cluster/prod/app/email/config
diff options
context:
space:
mode:
Diffstat (limited to 'cluster/prod/app/email/config')
-rw-r--r--cluster/prod/app/email/config/postfix/main.cf6
1 files changed, 5 insertions, 1 deletions
diff --git a/cluster/prod/app/email/config/postfix/main.cf b/cluster/prod/app/email/config/postfix/main.cf
index a83e5ec..5593716 100644
--- a/cluster/prod/app/email/config/postfix/main.cf
+++ b/cluster/prod/app/email/config/postfix/main.cf
@@ -77,7 +77,11 @@ smtpd_relay_restrictions =
permit_mynetworks
reject_unauth_destination
-smtpd_data_restrictions = reject_unauth_pipelining
+# Disable SMTP smuggling attacks
+# https://www.postfix.org/smtp-smuggling.html
+smtpd_forbid_unauth_pipelining = yes
+smtpd_discard_ehlo_keywords = chunking
+smtpd_forbid_bare_newline = yes
smtpd_client_connection_rate_limit = 2
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-10 00:06:56 +0000