Le 07/02/2011 19:18, Nikolaos Milas a écrit :
> OK Brian,
>
> Per your advice, I modified it as below:
>
>smtpd_restriction_classes = allowed_list1
>allowed_list1= check_client_access cidr:/etc/postfix/client.cidr,reject
>smtpd_recipient_restrictions =
>
> hash:/etc/postfix/protect
OK Brian,
Per your advice, I modified it as below:
smtpd_restriction_classes = allowed_list1
allowed_list1= check_client_access cidr:/etc/postfix/client.cidr,reject
smtpd_recipient_restrictions =
hash:/etc/postfix/protected_destinations,permit_mynetworks,permit_sasl_authenticated,re
On 2/7/2011 12:33 PM, Nikolaos Milas wrote:
> Thans Brian,
>
> But, could I have used "allowed_list1= check_client_access
> cidr:/etc/postfix/client.cidr,reject" ? Is this feasible?
>
Yes
> I understand from Wietse's feedback that I couldn't use CIDR lookups
> in a smtpd_restriction_classes state
Thans Brian,
But, could I have used "allowed_list1= check_client_access
cidr:/etc/postfix/client.cidr,reject" ? Is this feasible?
I understand from Wietse's feedback that I couldn't use CIDR lookups in
a smtpd_restriction_classes statement which is used in a hash table in
smtpd_recipient_res
Sorry Wietse,
I don't understand.
You mean I shouldn't have changed the true domain names / IP addresses
in my email? (I usually do in mailing list posts, it's considered proper
conduct.)
If it's needed, I can provide the actual domain names / networks / files.
Would you please clarify?
Th
On 2/7/2011 10:15 AM, Nikolaos Milas wrote:
> Hi,
>
> I am using this piece of code to restrict access to some mail aliases
> (only clients from the allowed IP addresses are permitted to send
> email to the protected email addresses):
>
>smtpd_restriction_classes = allowed_list1
>allowed_li
> where /etc/postfix/protected_destinations is for example:
>
> ...
> ali...@example.com allowed_list1
> ...
...
> However, when I try to use cidr tables (because I need to define
> subnets), it doesn't work correctly:
>
> smtpd_restriction_classes = allowed_list1
> allo
Thanks Wietse,
Sorry, I didn't notice in the documentation.
Could you please suggest any alternative with using subnetting for this
purpose?
Otherwise, we would have to include a very large number of unique IP
addresses in a hash file for client access control.
Thanks again,
Nick
On 7/2/
Nikolaos Milas:
> hash:/etc/postfix/protected_destinations
>
> where /etc/postfix/protected_destinations is the same as above
> and /etc/postfix/client.cidr is:
>
> 10.10.10.0/25 OK
> 10.10.11.0/24 OK
As documented you can't use CIDR patterns in a HASH file.
Hi,
I am using this piece of code to restrict access to some mail aliases
(only clients from the allowed IP addresses are permitted to send email
to the protected email addresses):
smtpd_restriction_classes = allowed_list1
allowed_list1 = check_client_access hash:/etc/postfix/client_acc
10 matches
Mail list logo
