On Wed, Mar 18, 2009 at 12:56:48PM -0400, Wietse Venema wrote: > /dev/rob0: > > On Wed March 18 2009 03:06:40 Pascal Volk wrote: > > > > can i whitelist one domain from checking spamhaus ? > > > > thanks > > > > > > smtpd_recipient_restrictions = > > > ... > > > reject_unauth_destination > > > ... > > > check_client_access hash:/etc/postfix/whitelist_clients > > > check_sender_access hash:/etc/postfix/whitelist_senders > > > reject_rbl_client zen.spamhaus.org > > > ... > > > > > > /etc/postfix/whitelist_clients: > > > mailout.trusteddoma.in OK > > > # or ip address of trusted hosts > > > > > > /etc/postfix/whitelist_senders: > > > u...@trusteddoma.in OK > > > > Some comments I would add: > > > > 1. I consider it best practice to use "permit_auth_destination" rather > > than "OK" for whitelisting. That's an extra safety check in case you > > accidentally put smtpd_recipient_restrictions in the wrong order. > > That is a good point. I wonder how much would break with > > /etc/postfix/main.cf > restriction_classes = ok [... other names ...] > ok = permit_auth_destination
Well, "check_client_access" and "check_recipient_access" may not work correctly at sites where these are used to permit access for additional clients or to additional recipients. Should be safe in most cases. -- Viktor. Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the "Reply-To" header. To unsubscribe from the postfix-users list, visit http://www.postfix.org/lists.html or click the link below: <mailto:majord...@postfix.org?body=unsubscribe%20postfix-users> If my response solves your problem, the best way to thank me is to not send an "it worked, thanks" follow-up. If you must respond, please put "It worked, thanks" in the "Subject" so I can delete these quickly.