Loading ...
Sorry, an error occurred while loading the content.

219473Re: Whitelisting Redux

Expand Messages
  • Dennis Putnam
    May 1, 2007
      On May 1, 2007, at 11:10 AM, Jorey Bump wrote:

      No, I meant for you to change the "smtpd_client_restrictions" entry that you provided to "smtpd_recipient_restrictions" and remove the redundant smtpd_recipient_restrictions from your configuration.

      It was. The address was wrong.

      Well, DOH! That's 2.


      To be clear, it's using the address provided during MAIL FROM (not the From: header), and you're right, that's easily spoofed. But if you want to use check_sender_access, that's what we're talking about, the envelope sender.

      I understand and see the problem. I suspected that but was hoping I was wrong. Thanks.

      Refer to Email Address Patterns in:

       man 5 access


      Thanks. I read this before but I guess I was refusing to believe there is no wildcard in the pattern matching. It appears I just can't do some of the things I wanted but there are other ways.

      Well, I sympathize, but this may be a user issue. They need to complain to the ISP or switch. Kudos for trying to solve their problem, but you may be taking on a maintenance headache. Of course, you could move your RBLs to a scoring system via a policy server or SpamAssassin if they are causing you too many problems. Using RBLs isn't required, so I guess you do bear some of the responsibility here.

      In case you haven't figured it out the user is me. Complaining to the ISP is a waste, they won't even stop themselves from being blacklisted. Besides anyone that complains is just a stupid user that knows nothing about systems. Switching is not really a cost effective option at this time. As for a maintenance headache, what is one more? :-) There are only a few users in this category so once I have it working it won't be a big deal. I just need to make sure this doesn't happen again. My Mandriva system has a cron script that reports critical files that have changed. Maybe I'll clone that script and use it here since main.cf can get changed so easily and sometimes it takes a while to notice the effects.

      I meant you must do this if you plan to use the bellsouth.net address as your sender address for outgoing mail. Outgoing mail *to* bellsouth.net is not affected by this configuration.

      Ah, I see. That is not an issue.

      After all the gyrations it looks like you got me to where I need to be. I still have no idea what was changed that made it stop working in the first place. Plus I also don't know how it could have ever worked based on what you taught me. Thanks again for saving the day for me. I owe you and adult beverage of your choice.

    • Show all 4 messages in this topic