Loading ...
Sorry, an error occurred while loading the content.

267931Re: How to accept email from unknown servers

Expand Messages
  • Adam Lanier
    Aug 5, 2010
    • 0 Attachment
      On Thu, 2010-08-05 at 11:02 -0500, Noel Jones wrote:
      >
      > You should remove your smtpd_client_restrictions and
      > smtpd_helo_restrictions (and smtpd_sender_restrictions if
      > you're using it) and put everything under smtpd_recipient
      > restrictions arranged like so:
      >
      > smtpd_recipient_restrictions =
      > # allow local access
      > permit_mynetworks
      > # reject relay attempts
      > reject_unauth_destination
      > # client whitelist. Whitelist CLIENTS here. A client
      > # can be an IP or a domain name without leading dots.
      > check_client_access hash:/etc/postfix/client_whitelist
      > # local recipient blacklist
      > check_recipient_access
      > hash:/etc/postfix/denied-system-mailboxes
      > # all anti-spam restrictions go below here

      Not to hijack this thread but can I ask a question regarding your
      comment above? You recommend keeping all client/helo restriction in the
      smtpd_sender_restrictions.

      Is there any use case where the
      smtpd_client_restrictions/smtpd_helo_restrictions would be preferred
      over smtpd_sender_restrictions? If not, why are they there?

      I understand that with smtpd_delay_reject, evaluation of the status for
      client/helo/sender restrictions will not happen until the RCPT TO
      command anyway. If you had checks in smtpd_client_restrictions wouldn't
      they still be evaulated prior to checks in smtpd_recipient_restrictions?

      What's the advantage of having all checks in
      smtpd_recipient_restrictions?

      Sorry, that's more than one question :/


      --

      Sincerely,


      Adam Lanier
      Voyant Strategies Inc.
    • Show all 7 messages in this topic