On Mon, 2009-02-16 at 08:26 -0500, Digest of postfix-users list wrote: > Ali Nebi a écrit : > > [snip] > > > > smtpd_client_restrictions = > > permit_mynetworks, > > permit_sasl_authenticated, > > check_client_access hash:/etc/postfix/access,
> you are "sharing" this map (for client, sender, and recipient). better > use "dedicated" maps (access_client, access_sender, access_recipient). Ok, now i got it. this way i can control the maps in different sections. And if i add an entry in one of the maps, then it will be affect only to this map and to this restriction. > > > reject_unauth_pipelining, > > # reject_unknown_client, > > reject_rbl_client sbl-xbl.spamhaus.org, > > consider using zen.spmahaus.org instead (this > > > reject_rbl_client rbl-plus.mail-abuse.org, > > I wouldn't use this one. not onlybecause it's commercial... > > > reject_rbl_client cbl.abuseat.org, > > cbl prefer that you query spamhaus instead. > Thanks for the information about RBL's, these rbls was set long time ago, and we have not updated them. I just checked the information and updated them with new rbls. :) zen.spamhouse spamcop and so on :) > > [snip] > > > > smtpd_recipient_restrictions = > > permit_mynetworks, > > permit_sasl_authenticated, > > check_recipient_access hash:/etc/postfix/access, > > check_sender_access hash:/etc/postfix/access, > > it is still here (up). and this is before reject_unauth_destination. > > > reject_unauth_destination, > > reject_unknown_recipient_domain, > > reject_non_fqdn_recipient, > > at this point, the recipient is in _your_ domain (because > reject_unauth_destination has alreday rejected all other domains). so > this check is useless. > > > reject_unauth_pipelining, > > this too is useless here. put it under smtpd_data_restrictions. > > > permit > > > > ? > > > > consider starting from the "version" below and > > smtpd_helo_required = yes > smtpd_client_restrictions = > smtpd_helo_restrictions = > smtpd_sender_restrictions = > > > smtpd_recipient_restrictions = > reject_non_fqdn_sender > reject_non_fqdn_recipient > permit_mynetworks > permit_sasl_authenticated > reject_unauth_destination > reject_sender_login_mismatch > reject_invalid_hostname > reject_non_fqdn_hostname > check_recipient_access hash:/etc/postfix/access_recipient > check_client_access cidr:/etc/postfix/access_client > check_helo_access hash:/etc/postfix/access_helo > check_sender_access hash:/etc/postfix/access_sender > reject_unknown_sender_domain > reject_rbl_client zen.spamhaus.org, > > > smtpd_data_restrictions = > reject_unauth_pipelining > > PS. note the access_sender and access_recipient maps. I got it now. I will change my rules now. > (I wonder why your Evolution posts to my From: address instead of the > Reply-To: address. did you do anything special or is this the default > behaviour of Evolution, in which case, it would be a bug). I was copying your address to Cc field, because when i click Reply to All, it does not put your e-mail address in the list. I receive postfix mails like a digit. I will post here my last changes, so we can comment them. I will be glad to get them to work better than now. Thanks for your help and time.
