Follow Techotopia on Twitter

On-line Guides
All Guides
eBook Store
iOS / Android
Linux for Beginners
Office Productivity
Linux Installation
Linux Security
Linux Utilities
Linux Virtualization
Linux Kernel
System/Network Admin
Programming
Scripting Languages
Development Tools
Web Development
GUI Toolkits/Desktop
Databases
Mail Systems
openSolaris
Eclipse Documentation
Techotopia.com
Virtuatopia.com
Answertopia.com

How To Guides
Virtualization
General System Admin
Linux Security
Linux Filesystems
Web Servers
Graphics & Desktop
PC Hardware
Windows
Problem Solutions
Privacy Policy

  




 

 

Postfix Documentation
Previous Page Home Next Page

Restricting the scope of "success" notifications

Just like reports of undeliverable mail, DSN reports of successful delivery can give away more information about the internal infrastructure than desirable. Unfortunately, disallowing "success" notification requests requires disallowing other DSN requests as well. The RFCs do not offer the option to negotiate feature subsets.

This is not as bad as it sounds. When you turn off DSN for remote inbound mail, remote senders with DSN support will still be informed that their mail reached your Postfix gateway successfully; they just will not get successful delivery notices from your internal systems. Remote senders lose very little: they can no longer specify how Postfix should report delayed or failed delivery.

Use the smtpd_discard_ehlo_keyword_address_maps feature if you wish to allow DSN requests from trusted clients but not from random strangers (see below for how to turn this off for all clients):

/etc/postfix/
main.cf:
    
smtpd_discard_ehlo_keyword_address_maps = 
        
cidr:/etc/postfix/esmtp_access

/etc/postfix/esmtp_access:
    # Allow DSN requests from local subnet only
    192.168.0.0/28      silent-discard
    0.0.0.0/0           silent-discard, dsn
    ::/0                silent-discard, dsn

If you want to disallow all use of DSN requests from the network, use the smtpd_discard_ehlo_keywords feature:

/etc/postfix/
main.cf:
    
smtpd_discard_ehlo_keywords = silent-discard, dsn
Postfix Documentation
Previous Page Home Next Page