259300Re: smtpd_restrictions sanity check
- Nov 1, 2009Alex a écrit :
> Hi,yes. but it is worth investing your time to implement SASL instead.
>> smtpd_recipient_restrictions =
>> check_client_access hash:/etc/postfix/client_checks
>> check_recipient_access pcre:/etc/postfix/relay_recips_checks
>> check_helo_access hash:/etc/postfix/helo_checks
>> check_sender_access hash:/etc/postfix/sender_checks
>> check_sender_access hash:/etc/postfix/disallow_my_domain
>> check_recipient_access pcre:/etc/postfix/recipient_checks
>> reject_rbl_client zen.spamhaus.org
> How about pop-before-smtp? Would I add the check_client_access
> immediately after permit_mynetworks above?
if you use pop before smtp, use a dedicated file and use it before
reject_unauth_destination (so that they can relay).
> Will this configuration above prevent DSL or cable users withoutthis is only informational.
> reverse, only forward DNS from being accepted? I keep receiving the
> Nov 1 15:34:42 smtp01 postfix/smtpd: warning: 22.214.171.124:
> hostname host6714200122235.direcway.com verification failed: Host not
> The IP is in the popb4smtp db, but they still receive a relaying denied message:make sure the pop4smtp check comes before reject_unauth_destination. if
> Nov 1 14:32:44 smtp01 postfix/smtpd: reject: RCPT from
> unknown[126.96.36.199]: 554 <John@...>: Relay access denied;
> from=<joe3135@...> to=<John@...>
this is the case and you still see "Relay access denied", check that
the IP of the client is in the map at the time of the check. and of
course, the map should return OK for the IP.
- << Previous post in topic