Todd A. Jacobs a écrit : > On Wed, Jan 21, 2009 at 10:54:49AM -0800, Todd A. Jacobs wrote: > >> I'm using postfix as a smarthost to forward mail through my upstream >> ISP. Is there any way to have postfix resolve the MX record of the >> destination domain and block outgoing mail on that basis? > > So far, this is what I have in my restrictions section: > > smtpd_helo_required = yes > smtpd_delay_reject = yes > smtpd_client_restrictions = > check_recipient_access hash:/etc/postfix/recipient_access > check_client_access hash:/etc/postfix/domain_access > check_helo_access hash:/etc/postfix/helo_access > reject_invalid_helo_hostname > reject_non_fqdn_helo_hostname > reject_unknown_helo_hostname > reject_unknown_sender_domain > reject_rbl_client sbl-xbl.spamhaus.org > reject_rbl_client postmaster.rfc-ignorant.org > permit_mynetworks > reject_unauth_destination > check_policy_service inet:127.0.0.1:60000 > smtpd_sender_restrictions = > check_sender_access hash:/etc/postfix/sender_access > smtpd_error_sleep_time = 5 > smtpd_soft_error_limit = 2 > smtpd_recipient_restrictions = > check_recipient_mx_access hash:/etc/postfix/outbound_mx >
The setting for smtpd_recipient_restrictions is invalid. your logs will tell you. Hint: postfix will prevent you from becoming an open relay. try this: smtpd_recipient_restrictions = permit_mynetworks reject_unauth_destination check_recipient_mx_access hash:/etc/postfix/outbound_mx > However, the following in outbound_mx doesn't seem to block the outbound > mail: > > smtp.secureserver.net REJECT > > What am I doing wrong here? >