Loading ...
Sorry, an error occurred while loading the content.
 

Re: valid syntax smtpd_recipient_restrictions = check_sender_access ?

Expand Messages
  • Jeroen Geilman
    ... All restrictions are valid where the documentation indicates they are valid. The smtpd_mumble_restrictions are applied to different stages of the SMTP
    Message 1 of 3 , Apr 29, 2011
      On 04/29/2011 05:34 AM, Jurvis LaSalle wrote:
      > In the docs here: http://www.postfix.org/RESTRICTION_CLASS_README.html#external
      >
      >
      >> /etc/postfix/main.cf:
      >> smtpd_recipient_restrictions =
      >> check_sender_access hash:/etc/postfix/restricted_senders
      >> ...other stuff...
      >>
      > Is this a typo or can you use check_sender_access with smtpd_recipient_restrictions?
      >

      All restrictions are valid where the documentation indicates they are valid.

      The smtpd_mumble_restrictions are applied to different stages of the
      SMTP transaction: connect, HELO, mail from, rcpt to, data.

      Since the sender address is known at the rcpt to stage, it is valid to
      check the sender at that point.
      This allows one to do such things as:

      smtpd_recipient_restrictions = permit_mynetworks,
      check_sender_access hash:/etc/postfix/bad_senders, permit

      If /etc/postfix/bad_senders contains the following:

      bad_user REJECT You're bad!

      This means that that sender can send mail only when he connects from a
      client in $mynetworks.
      From anywhere else he will be refused.

      Postfix' access model allows enormous flexibility in what you accept or
      reject.


      For simple setups it is often recommended to put all your restrictions
      in smtpd_recipient_restrictions for ease of maintenance, but as you can
      see the above could be made arbitrarily complex by putting different
      restrictions at different stages.



      --
      J.
    Your message has been successfully submitted and would be delivered to recipients shortly.