Loading ...
Sorry, an error occurred while loading the content.

bypassing reject_rbl_client for certain recipients relay domain

Expand Messages
  • Andrew Long
    Is it possible to bypass the rbl checks for a specified recipient domain, ie the domain listed in relay_domains - Andrew alias_maps = hash:/etc/aliases
    Message 1 of 4 , Mar 31, 2008
    • 0 Attachment
      Is it possible to bypass the rbl checks for a specified recipient
      domain, ie the domain listed in relay_domains

      - Andrew

      alias_maps = hash:/etc/aliases
      command_directory = /usr/sbin
      config_directory = /etc/postfix
      daemon_directory = /usr/libexec/postfix
      debug_peer_level = 2
      default_destination_recipient_limit = 10
      default_process_limit = 10
      disable_vrfy_command = yes
      html_directory = no
      local_recipient_maps =
      mailq_path = /usr/bin/mailq.postfix
      manpage_directory = /usr/share/man
      mynetworks = 127.0.0.0/8, /etc/postfix/relay-ip
      newaliases_path = /usr/bin/newaliases.postfix
      readme_directory = /usr/share/doc/postfix-2.2.10/README_FILES
      relay_domains = ourdomain.com
      relay_recipient_maps = hash:/etc/postfix/relay_recipients
      relay_transport = smtp
      sample_directory = /usr/share/doc/postfix-2.2.10/samples
      sendmail_path = /usr/sbin/sendmail.postfix
      setgid_group = postdrop
      smtp_connect_timeout = 30s
      smtp_helo_timeout = 60s
      smtpd_banner = $myhostname ESMTP $mail_name
      smtpd_client_connection_count_limit = 2
      smtpd_client_connection_rate_limit = 10
      smtpd_client_event_limit_exceptions = 127.0.0.0/8
      smtpd_client_message_rate_limit = 10
      smtpd_client_recipient_rate_limit = 10
      smtpd_client_restrictions = permit_mynetworks
      smtpd_data_restrictions = reject_unauth_pipelining, permit
      smtpd_helo_required = yes
      smtpd_recipient_restrictions = reject_unknown_sender_domain,
      reject_non_fqdn_recipient, reject_unknown_recipient_domain,
      permit_mynetworks, check_recipient_access
      hash:/etc/postfix/roleaccount, reject_unauth_destination,
      check_helo_access hash:/etc/postfix/helo_checks, reject_rbl_client
      bl.spamcop.net, reject_rbl_client zen.spamhaus.org
      smtpd_reject_unlisted_sender = yes
      smtpd_sender_restrictions = reject_unknown_sender_domain,
      reject_non_fqdn_sender, check_sender_access
      hash:/etc/postfix/sender_access
      unknown_local_recipient_reject_code = 550
    • mouss
      ... yes, check_recipient_access that returns OK for that domain will do, if placed just before the rbl checks. of course, this will skip all subsequent checks,
      Message 2 of 4 , Mar 31, 2008
      • 0 Attachment
        Andrew Long wrote:
        > Is it possible to bypass the rbl checks for a specified recipient
        > domain, ie the domain listed in relay_domains
        >

        yes, check_recipient_access that returns OK for that domain will do, if
        placed just before the rbl checks. of course, this will skip all
        subsequent checks, but this is ok since you have reject_rbl_client at
        the end of the restrictions.

        > - Andrew
        >
        > alias_maps = hash:/etc/aliases
        > command_directory = /usr/sbin
        > config_directory = /etc/postfix
        > daemon_directory = /usr/libexec/postfix
        > debug_peer_level = 2
        > default_destination_recipient_limit = 10
        > default_process_limit = 10
        > disable_vrfy_command = yes
        > html_directory = no
        > local_recipient_maps =
        > mailq_path = /usr/bin/mailq.postfix
        > manpage_directory = /usr/share/man
        > mynetworks = 127.0.0.0/8, /etc/postfix/relay-ip
        > newaliases_path = /usr/bin/newaliases.postfix
        > readme_directory = /usr/share/doc/postfix-2.2.10/README_FILES
        > relay_domains = ourdomain.com
        > relay_recipient_maps = hash:/etc/postfix/relay_recipients
        > relay_transport = smtp
        > sample_directory = /usr/share/doc/postfix-2.2.10/samples
        > sendmail_path = /usr/sbin/sendmail.postfix
        > setgid_group = postdrop
        > smtp_connect_timeout = 30s
        > smtp_helo_timeout = 60s
        > smtpd_banner = $myhostname ESMTP $mail_name
        > smtpd_client_connection_count_limit = 2
        > smtpd_client_connection_rate_limit = 10
        > smtpd_client_event_limit_exceptions = 127.0.0.0/8
        > smtpd_client_message_rate_limit = 10
        > smtpd_client_recipient_rate_limit = 10
        > smtpd_client_restrictions = permit_mynetworks
        > smtpd_data_restrictions = reject_unauth_pipelining, permit
        > smtpd_helo_required = yes
        > smtpd_recipient_restrictions = reject_unknown_sender_domain,
        > reject_non_fqdn_recipient, reject_unknown_recipient_domain,
        > permit_mynetworks, check_recipient_access
        > hash:/etc/postfix/roleaccount, reject_unauth_destination,
        > check_helo_access hash:/etc/postfix/helo_checks, reject_rbl_client
        > bl.spamcop.net, reject_rbl_client zen.spamhaus.org
        > smtpd_reject_unlisted_sender = yes
        > smtpd_sender_restrictions = reject_unknown_sender_domain,
        > reject_non_fqdn_sender, check_sender_access
        > hash:/etc/postfix/sender_access
        > unknown_local_recipient_reject_code = 550
        >
      • Andrew Long
        So something like: smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_non_fqdn_recipient, reject_unknown_recipient_domain, permit_mynetworks,
        Message 3 of 4 , Mar 31, 2008
        • 0 Attachment
          So something like:

          smtpd_recipient_restrictions =
          reject_unknown_sender_domain,
          reject_non_fqdn_recipient,
          reject_unknown_recipient_domain,
          permit_mynetworks,
          check_recipient_access hash:/etc/postfix/roleaccount,
          reject_unauth_destination,
          check_helo_access hash:/etc/postfix/helo_checks,
          check_recipient_access hash:/etc/postfix/skip_rbl_checks
          reject_rbl_client bl.spamcop.net, reject_rbl_client zen.spamhaus.org

          -- /etc/postfix/skip_rbl_checks ---
          ourdomain.com OK

          - Andrew
        • mouss
          ... yes.
          Message 4 of 4 , Mar 31, 2008
          • 0 Attachment
            Andrew Long wrote:
            > So something like:
            >
            > smtpd_recipient_restrictions =
            > reject_unknown_sender_domain,
            > reject_non_fqdn_recipient,
            > reject_unknown_recipient_domain,
            > permit_mynetworks,
            > check_recipient_access hash:/etc/postfix/roleaccount,
            > reject_unauth_destination,
            > check_helo_access hash:/etc/postfix/helo_checks,
            > check_recipient_access hash:/etc/postfix/skip_rbl_checks
            > reject_rbl_client bl.spamcop.net, reject_rbl_client zen.spamhaus.org
            >
            > -- /etc/postfix/skip_rbl_checks ---
            > ourdomain.com OK
            >
            >

            yes.
          Your message has been successfully submitted and would be delivered to recipients shortly.