Setup:
* backup MX with light anti-spam policies (for the moment)
* primary MX with current policies. Also whitelists the backup MX via
check_client_access directive and via permit_mynetworks
Question:
If a spam email makes it "in" through the backup MX and is delivered
to the primary, will the 'permit_mynetworks' or 'check_client_access'
directives prevent other checks from blocking the email? In other words,
do those two directives only apply to mail that originates from the
backup MX itself or all mail that flows through it?
Settings on the primary MX:
smtpd_recipient_restrictions =
permit_mynetworks
reject_unauth_destination
check_recipient_access hash:/etc/postfix/recipient_access.conf
check_sender_access hash:/etc/postfix/sender_access.conf
check_client_access hash:/etc/postfix/client_access.conf
check_policy_service inet:127.0.0.1:10023
reject_invalid_helo_hostname
reject_non_fqdn_helo_hostname
reject_unknown_client_hostname
reject_unknown_sender_domain
reject_unknown_recipient_domain
reject_non_fqdn_sender
reject_non_fqdn_recipient
reject_unauth_pipelining
reject_rbl_client zen.spamhaus.org
reject_rbl_client b.barracudacentral.org
Thanks for your help!
