Ok, this looks close. So the reject at the end is the only way to replicate the "if not in the "allow list", you are not authorized to "relay"?
-----Original Message----- From: owner-postfix-us...@postfix.org [mailto:owner-postfix-us...@postfix.org] On Behalf Of Wietse Venema Sent: Thursday, May 19, 2016 1:51 PM To: Postfix users <postfix-users@postfix.org> Subject: Re: postfix ignoring access file? Gomes, Rich: > Ok, my apologies. It seems some of the answers focused on "it doesn't > work like that" > > What I need is to have any IPs listed in the /etc/postfix/access file > with a directive of "OK" be allowed to send mail Any IPs attempting to > send mail to this particular mail server that are not listed in that > file are denied access. > > > Please let me know if you need more clarification You would not use this: /etc/postfix/main.cf: mynetworks = hash:/etc/postfix/access Instead, you could use this: /etc/postfix/main.cf: smtpd_client_restrictions = check_client_access cidr:/etc/postfix/client_access.cidr /etc/postfix/client_access.cidr: # Order of rules is important. 192.168.1.0/24 OK 10.0.0.0/8 OK # These wildcard patterns must be last. 0.0.0.0/0 reject ::/0 reject See also; "man cidr_table". Wietse
