On Sat, 31 Oct 2009, Alex wrote: > smtpd_recipient_restrictions = > reject_invalid_hostname, > reject_non_fqdn_hostname, > reject_non_fqdn_sender, > reject_non_fqdn_recipient, > reject_unknown_sender_domain, > reject_unknown_recipient_domain, > reject_unauth_pipelining, > check_client_access hash:/etc/postfix/client_checks, > check_recipient_access pcre:/etc/postfix/relay_recips_checks, > check_helo_access hash:/etc/postfix/helo_checks, > check_sender_access hash:/etc/postfix/sender_checks, > check_sender_access hash:/etc/postfix/disallow_my_domain, > permit_mynetworks, > check_recipient_access pcre:/etc/postfix/recipient_checks, > reject_unauth_destination,
Place this higher so you can sooner reject unauthorized relay attempts. > reject_maps_rbl, > permit This is unnecessary; remove it. > I originally had permit_mynetworks further up, but it seems > client_checks was then being ignored, despite the client not being on > my network. This is not how Postfix works, so you borked something, somewhere else in your configuration. Instead of showing a snippet of your main.cf, paste the entire output of 'postconf -n' and logging that corresponds to your problem description. > I also have a handful of cron scripts that run on this remote network > that send mail to my network, but with internal hostnames that aren't > resolvable once they reach my network. Do I just add them to my > postfix hosts file or is there a way to avoid checking the hostname > (sender access?) so they aren't rejected with "Sender address > rejected: Domain not found"? Add them to a whitelist and consult that whitelist (with check_client_access) before rejecting unknown (or non-fqdn) sender domains. -- Sahil Tandon <sa...@tandon.net>
