Loading ...
Sorry, an error occurred while loading the content.

Re: Whitlisting ?

Expand Messages
  • Noel Jones
    ... [plain text only, please] It s not completely clear from your main.cf snippits ( postconf -n output is strongly preferred) what is rejecting this mail, I
    Message 1 of 2 , Jun 29, 2006
    • 0 Attachment
      At 05:13 PM 6/29/2006, Joey wrote:
      >I have a person whos sends email to us, but we are
      >rejecting them ( log entry here )
      >Jun 22 11:29:29 saturn postfix/smtpd[25097]: warning:
      >168.221.18.25: hostname osmtp2.dadeschools.net
      >verification failed: Name or service not known
      >Jun 22 11:29:29 saturn postfix/policy-spf[25394]: : SPF
      >none: smtp_comment=SPF: domain of sender
      ><mailto:ARico@...>ARico@... does
      >not designate mailers, header_comment=saturn.server.net:
      >domain of
      ><mailto:ARico@...>ARico@... does
      >not designate permitted sender hosts
      >Jun 22 11:29:29 saturn postfix/smtpd[25097]: NOQUEUE:
      >reject: RCPT from unknown[168.221.18.25]: 554
      ><<mailto:ARico@...>ARico@...>:
      >Sender address rejected: Access denied;
      >from=<<mailto:ARico@...>ARico@...>
      >to=<<mailto:xiomy@...>xiomy@...>
      >proto=ESMTP helo=<OSMTP2.dadeschools.net>
      >
      >I thought if I used client_access file which contains
      >dadeschools.net OK
      >
      >it would allow the mail to go through.
      >Is this a good / correct way to whitelist?
      >
      >Also what can I do to allow this to go through?

      [plain text only, please]

      It's not completely clear from your main.cf snippits
      ("postconf -n" output is strongly preferred) what is
      rejecting this mail, I suspect it's the
      "check_sender_access hash:/etc/postfix/freemail_access" in
      which case the simplest solution may be to remove
      "dadeschools.net" from your freemail_access table.

      Note that in the log entry, the client name is "unknown" -
      only the sender domain is "dadeschools.net".
      To whitelist the client, use a check_client_access table
      with the IP of the client. This table must appear before
      the rule that is causing the rejection.

      # client_whitelist
      168.221.18.25 permit_auth_destination

      # main.cf
      smtpd_recipient_restrictions =
      ...
      permit_mynetworks
      permit_sasl_authenticated
      reject_unauth_destination
      check_client_access hash:/etc/postfix/client_whitelist
      ... other stuff ...

      --
      Noel Jones
    Your message has been successfully submitted and would be delivered to recipients shortly.