You could use smtpd_client_restrictions = check_client_access cidr:/etc/postfix/access , and then use DUNNO For each allowed IP/subnet (note the "cidr" db type) This will pass on the restriction to next stack. Then you finalize with 0.0.0.0/0 REJECT
I would suggest putting check_client_access in relay restrictions instead, because then you can accept mail for the local domain (the domain the postfix instance handles). If the machine however never accept mail from outside, you don't need that. -----Ursprungligt meddelande----- Från: owner-postfix-us...@postfix.org [mailto:owner-postfix-us...@postfix.org] För Gomes, Rich Skickat: den 28 december 2015 22:09 Till: postfix-users@postfix.org Ämne: allow by IP? Good day, I am making the switch from running Sendmail as an internal relay to using Postfix. With Sendmail, I can restrict relaying by IP using the /etc/mail/access file. I cannot seem to find an equivalent of this in Postfix. I have read about using smtpd_client_restrictions = check_client_access hash:/etc/postfix/access But it only "works" if I specifically say REJECT. The only method that works is to use 'mynetworks_style = subnet' (test machine happens to be on same subnet as the postfix server) but that is not what I want I want to put all the IPs I want to allow relay in a file and have postfix only read that. I don't want to put them all in main.cf, as there will be several hundred and we do not allow entire subnets, even server-based subnets. This is an internal relay used by internal applications that will either pass mail off to our Exchange server (internal users) or to the internet (external users). I won't need any other configuration. Thank you in advance Rich
smime.p7s
Description: S/MIME Cryptographic Signature
