Re: smtpd_recipient_restrictions values
- On Thu, Jun 26, 2008 at 11:48:57PM +0200, yannick chrysostome wrote:
> so if I get it rightNo, it means that authenticated senders are "OK" and not subjected to
> means that the sender has to be authenticated before Postfix delivers
> the mail to the recipient ?
*further* recipient restriction processing. As there are no further
resetrictions in your example, everyone is allowed, and you'd have
an open-relay, but Postfix will not allow you to do this.
In practice you'll have additional checks, some permissive, and some
restrictive. They are evaluated in order. At least one has to be
a check that blocks by default after making appopriate exceptions.
The full list of checks that satisfy this requirement is:
reject - Unconditional hard error
defer - Unconditional soft error
defer_if_permit - Soft error if otherwise permitted
reject_unauth_destination - Reject "relay" attempts
check_relay_domains - Obsolete relay check with warts (don't use).
To allow relaying with SASL an MX host that is also used by users for
# Uncomment RBL check if volume below their limits?
# reject_rbl_client zen.spamhaus.org
# Other anti-spam checks on inbound mail
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.
To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.