Re: valid syntax smtpd_recipient_restrictions = check_sender_access ?
- On 04/29/2011 05:34 AM, Jurvis LaSalle wrote:
> In the docs here: http://www.postfix.org/RESTRICTION_CLASS_README.html#externalAll restrictions are valid where the documentation indicates they are valid.
>> smtpd_recipient_restrictions =
>> check_sender_access hash:/etc/postfix/restricted_senders
>> ...other stuff...
> Is this a typo or can you use check_sender_access with smtpd_recipient_restrictions?
The smtpd_mumble_restrictions are applied to different stages of the
SMTP transaction: connect, HELO, mail from, rcpt to, data.
Since the sender address is known at the rcpt to stage, it is valid to
check the sender at that point.
This allows one to do such things as:
smtpd_recipient_restrictions = permit_mynetworks,
check_sender_access hash:/etc/postfix/bad_senders, permit
If /etc/postfix/bad_senders contains the following:
bad_user REJECT You're bad!
This means that that sender can send mail only when he connects from a
client in $mynetworks.
From anywhere else he will be refused.
Postfix' access model allows enormous flexibility in what you accept or
For simple setups it is often recommended to put all your restrictions
in smtpd_recipient_restrictions for ease of maintenance, but as you can
see the above could be made arbitrarily complex by putting different
restrictions at different stages.