Hello list,
This might be working as intended, but since it seemed a tad odd and I
couldn't find any conclusive documentation that explained it, I
figured I'd work up the courage and ask. I moved 'check_sender_access'
from the 'smtpd_sender_restrictions' to the
'smtpd_recipient_restrictions' stage, and ran a test;
Out: 220 nenya.dtnx.net ESMTP
In: EHLO arturia.xs4all.nl
Out: 250-nenya.dtnx.net
Out: 250-PIPELINING
Out: 250-SIZE 35651584
Out: 250-ETRN
Out: 250-ENHANCEDSTATUSCODES
Out: 250-8BITMIME
Out: 250 DSN
In: MAIL FROM:<urcent...@gmail.com>
Out: 250 2.1.0 Ok
In: RCPT TO:<postmas...@configcast.com>
Out: 550 5.7.1 <postmas...@configcast.com>: Recipient address rejected: You
are not a known MX for 'configcast.com'.
In: QUIT
Out: 221 2.0.0 Bye
The rejection is from the hash database specified for
'check_sender_access', which has a line for every domain this server
is responsible for, since all mail from those domains originates from
our own servers;
configcast.com REJECT You are not a known MX for
'configcast.com'.
Since there is a seperate 'check_recipient_access' as well, I was
expecting 'check_sender_access' to work for 'MAIL FROM' only, but the
above example suggests it is consulted during the recipient stage as
well, if specified there.
Is this by design, working as intended? Or am I missing something somewhere?
Postfix 2.6.3 on Debian Lenny i386.
Cya,
Jona
