Loading ...
Sorry, an error occurred while loading the content.

259291Re: smtpd_restrictions sanity check

Expand Messages
  • mouss
    Nov 1, 2009
    • 0 Attachment
      Alex a écrit :
      > Hi all,
      >
      > Hopefully I don't have the most frequently asked question, but I'm
      > spinning my wheels and perhaps followed some bad advice. I hoped
      > someone could look over my recipient restrictions to see if I'm making
      > some kind of mistake:
      >
      > smtpd_recipient_restrictions =
      > reject_invalid_hostname,
      > reject_non_fqdn_hostname,
      > reject_non_fqdn_sender,
      > reject_non_fqdn_recipient,
      > reject_unknown_sender_domain,
      > reject_unknown_recipient_domain,
      > reject_unauth_pipelining,
      > check_client_access hash:/etc/postfix/client_checks,
      > check_recipient_access pcre:/etc/postfix/relay_recips_checks,
      > check_helo_access hash:/etc/postfix/helo_checks,
      > check_sender_access hash:/etc/postfix/sender_checks,
      > check_sender_access hash:/etc/postfix/disallow_my_domain,
      > permit_mynetworks,
      > check_recipient_access pcre:/etc/postfix/recipient_checks,
      > reject_unauth_destination,
      > reject_maps_rbl,
      > permit
      >


      smtpd_recipient_restrictions =
      reject_non_fqdn_sender
      reject_non_fqdn_recipient
      permit_mynetworks
      #permit_sasl_authenticated
      reject_unauth_destination
      #
      reject_invalid_hostname
      reject_non_fqdn_hostname
      reject_unknown_sender_domain
      #
      check_client_access hash:/etc/postfix/client_checks
      check_recipient_access pcre:/etc/postfix/relay_recips_checks
      check_helo_access hash:/etc/postfix/helo_checks
      check_sender_access hash:/etc/postfix/sender_checks
      check_sender_access hash:/etc/postfix/disallow_my_domain
      check_recipient_access pcre:/etc/postfix/recipient_checks
      #
      reject_rbl_client zen.spamhaus.org



      > I originally had permit_mynetworks further up, but it seems
      > client_checks was then being ignored, despite the client not being on
      > my network.
      >
      > I'm now trying to provide a mail server that is not part of my
      > networks to my network.
      >
      > I also have a handful of cron scripts that run on this remote network
      > that send mail to my network, but with internal hostnames that aren't
      > resolvable once they reach my network. Do I just add them to my
      > postfix hosts file or is there a way to avoid checking the hostname
      > (sender access?) so they aren't rejected with "Sender address
      > rejected: Domain not found"?
      >
      > Thanks,
      > Alex
    • Show all 6 messages in this topic