On 2/5/2015 5:06 PM, wie...@porcupine.org (Wietse Venema) <wie...@porcupine.org (Wietse Venema)> wrote: > Charles Marcus: >> Ok... but... this sounds like you are saying that it is expected that my >> simple postmap -q test would fail, but that someone attempting to relay
> I am saying that you should RTFM the access(5) manpage and make the > queries in the order as indicated there. > > ACCESS(5) ACCESS(5) > > NAME > access - Postfix SMTP server access table > ... > EMAIL ADDRESS PATTERNS > With lookups from indexed files such as DB or DBM, or from networked > tables such as NIS, LDAP or SQL, patterns are tried in the order as > listed below: > > user@domain > Matches the specified mail address. > > domain.tld > Matches domain.tld as the domain part of an email address. > > .domain.tld > Matches subdomains of domain.tld, but only when the string > smtpd_access_maps is not listed in the Postfix par- > ent_domain_matches_subdomains configuration setting. > > user@ Matches all mail addresses with the specified user part. Ok, so what I'm trying to do is match/REJECT anyth...@domain.tld I would have read the above to mean that domain.tld would accomplish this... and now I'm trying to understand what that example means, if it doesn't mean it would reject emails to ANY recipient at that tld. Anyway, maybe Reindl is correct and I should be doing this with a transport map? I'll look into that. I had found some $random examples when googling that suggested I should be able to do this with a simple access map. Guess they were wrong. Thanks