El dom, 07-07-2024 a las 12:51 +0200, John Fawcett via Postfix-users escribió: > > On 07/07/2024 06:18, Nick Edwards via Postfix-users wrote: > > > Master: > > > > smtps inet n - n - - smtpd > > -o smtpd_client_restrictions=$submission_client_restrictions > > -o smtpd_recipient_restrictions=$submission_recipient_restrictions > > -o smtpd_tls_wrappermode=yes > > -o smtpd_sasl_auth_enable=yes > > -o receive_override_options=no_header_body_checks > > -o smtpd_helo_restrictions= > > -o smtpd_sender_restrictions= > > -o smtpd_data_restrictions= > > -o smtpd_client_connection_rate_limit=1000 > > -o content_filter= > > > > submission inet n - n - - smtpd > > -o smtpd_client_restrictions=$submission_client_restrictions > > -o smtpd_recipient_restrictions=$submission_recipient_restrictions > > -o smtpd_sasl_auth_enable=yes > > -o smtpd_helo_restrictions= > > -o smtpd_sender_restrictions= > > -o smtpd_data_restrictions= > > -o receive_override_options=no_header_body_checks > > -o mynetworks=127.0.0.0/8,[::1]/128 > > -o content_filter= > > -o smtpd_client_connection_rate_limit=1000 > > -o anvil_rate_time_unit=3600 > > > > Main: > > > > submission_recipient_restrictions = > > reject_rbl_client cbl.abuseat.org=127.0.0.[2..255] > > reject_unknown_sender_domain > > reject_unknown_recipient_domain > > permit_mynetworks > > permit_sasl_authenticated > > reject > > > You'll also need to put the rbl check in the smtpd_client_restrictions > (so in submission_client_restrictions in your case). With those two > modification the evaluation of the rbl disconnection will happen upon > client connection.
Agreed on this one. > I haven't personally used the $ syntax you're using so I can't say much > about it, and the following comment may not be totally relevant, but just > in case I'll mention that in my configuration I have no $ in front of my > restriction classes. As mentioned by Allen in that case you'll need to > use the smtpd_restriction_classes configuration to tell postfix which > custom restriction classes you're defining. The $ syntax is the right thing to do in order to keep different restrictions for different services in main.cf and reference them in the corresponding service in master.cf as Nik has done. -- Victoriano Giralt Head of Systems Administration Service Central ICT Services University of Malaga +34952131415 SPAIN ================================================================== Note: signature.asc is the electronic signature of present message A: Yes. > Q: Are you sure ? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting annoying in email ?
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
