Thanks Bill...
this is my restrictions config:
From: Bill Cole <postfixlists-070...@billmail.scconsult.com>
To: Postfix users <postfix-users@postfix.org>
Sent: Tuesday, July 26, 2016 3:00 PM
Subject: Re: REJECT and "optional text" question...
On 26 Jul 2016, at 7:52, Pedro David Marco wrote:
> Thanks Wietse...
>
> yes, i have a check_sender_access - after- the check_client_access,
> buti must be doing something wrong because the reject should have been
> done bythe check_client_access:
> check_client_access
> hash:/etc/postfix/special_clients
> check_sender_access
> regexp:/etc/postfix/special_senders
Since those directives must be in one or more smtpd restriction lists,
which are run in a strict order, just knowing hat you have hem somewhere
in that order isn't enough information. This is why the subscription
message for this list includes the same instructions as the last section
of Postfix's DEBUG_README: provide the output of 'postconf -n' not just
fragments of main.cf.
> Postfix does not complain at all about files fomat but...Wietse, is
> the syntax correct? (for special_clients file)
> 205.201.128.108 REJECT You are blacklisted
That should work. Did you run 'postmap
hash:/etc/postfix/special_clients' after adding that line? Maps in
'hash' format must be converted from text to binary format using postmap
for Postfix to use them.
> i have also tried...
>
> 205.201.128.0/24 REJECT You are blacklisted
That would be suitable in a 'cidr' table but in a 'hash' table it would
not work. To get the same effect in 'hash' format, you could use this:
205.201.128 REJECT You are blacklisted
> how do i reject from that IP with that text???
Correct your configuration :)
What *exactly* is wrong with your configuration is not obvious without
more information. My *guesses* about the most likely causes for your
problem are:
1. You need to postmap your special_clients file to create the binary
form.
2. Your check_client_access and check_sender_access directives are in
different restriction lists such that check_sender_access is being hit
first, despite being later in main.cf.
3. There's some other more complex problem which is entirely invisible
to us because we don't know enough about your configuration yet.
