Ben Johnson:
[ Charset ISO-8859-1 unsupported, converting... ]
> Hello!
>
> I have found the "reject_unknown_sender_domain" and
> "reject_unknown_recipient_domain" restrictions to be very effective in
> cutting-down on spam when applied to "smtpd_recipient_restrictions".
> Surely, there will be false-positives, but this is a small, private
> server and the "risk is worth the reward" for my particular use-case.
>
> One problem I am having, however, is that I seem not to be able to
> exempt certain sender domains from the restrictions.
Place check_recipient_access before reject_unknown_recipient_domain,
and check_sender_access before reject_unknown_sender_domain.
smtpd_recipient_restrictions =
permit_mynetworks
...
# Must go before whitelists.
reject_unauth_destination
reject_rbl_client ...
# exemptions (whitelists) after reject_unauth_destination
check_recipient_access hash:/etc/postfix/recipient_access
check_sender_access hash:/etc/postfix/sender_access
# blacklists after whitelists.
reject_unknown_recipient_domain
reject_unknown_sender_domain
...
With recipient_access and sender_access entries that
"OK" certain addresses or domains.
Wietse