I'm trying to allow client connections from only two places:
a known ip
a specific domain served at gmail
And delivery only to local recipients.
Relevant parts of main.cf:
mynetworks = 127.0.0.0/8 10.138.0.10/32 [::ffff:127.0.0.0]/104 [::1]/128
postfix-server-domain.com otherdomain.com
smtpd_client_restrictions =
permit_mynetworks,
hash:/etc/postfix/ok_to_receive_from
# reject
smtpd_sender_restrictions =
hash:/etc/postfix/ok_to_receive_from,
permit_mynetworks,
reject
smtpd_recipient_restrictions =
permit_mynetworks,
reject
Questions:
1. In the log, mynetworks_core shows only IP addrs, and does not include
the domain names I listed with it.
Is mynetworks restricted to IP addrs?
2. I see the following in the log:
< mail-pf1-f170.google.com[209.85.210.170]: DATA
mail-pf1-f170.google.com[209.85.210.170]:
554 5.5.1 Error: no valid recipients
Why doesn't permit_mynetworks result in a valid recipient,
given that it's addressed to <someb...@postfix-server-domain.com> ?
3. Mail from <mydomain.com> at gmail comes in via the gmail relays.
Is there a way to allow only those relays, given they can change?
Thanks,
Gary
