From f53a59d66300285bc33355feccd953af2d62b3b3 Mon Sep 17 00:00:00 2001
From: Naglfar <naglfar@tilde.team>
Date: Thu, 21 Nov 2019 18:08:16 +0000
Subject: [PATCH] adding reject_rbl_client declaration into the
 smtpd_recipient_restrictions to reject Spam

---
 roles/shell/files/etc/postfix/main.cf | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/roles/shell/files/etc/postfix/main.cf b/roles/shell/files/etc/postfix/main.cf
index 304ca24..eebcf40 100644
--- a/roles/shell/files/etc/postfix/main.cf
+++ b/roles/shell/files/etc/postfix/main.cf
@@ -48,7 +48,20 @@ smtpd_sasl_path = private/auth
 smtpd_sasl_auth_enable = yes
 smtpd_sasl_security_options = noanonymous
 smtpd_sasl_local_domain = $myhostname
-smtpd_recipient_restrictions = permit_mynetworks,permit_auth_destination,permit_sasl_authenticated,reject
+#Allow ONLY authenticated users to send email
+smtpd_recipient_restrictions =
+ permit_mynetworks,
+ permit_sasl_authenticated,
+ permit_auth_destination,
+ reject_invalid_hostname,
+ reject_unauth_pipelining,
+ reject_non_fqdn_sender,
+ reject_non_fqdn_recipient,
+ reject_unknown_sender_domain,
+ reject_unknown_recipient_domain,
+ reject_rbl_client sbl.spamhaus.org,
+ reject_rhsbl_sender dbl.spamhaus.org
+ 
 
 milter_protocol = 2
 milter_default_action = accept