I have been trying to understand why check_ccert_access does not work
with an inline:{} table and I believe I have uncovered a subtle bug.
My investigation has focused on
https://github.com/vdukhovni/postfix/blob/master/postfix/src/global/map_search.c
To cut to the chase, I believe line 161
User Nexus:
> I've found the answer on my questions in the official Postfix
> documentation. Feel free to skip answering on this email.
> Thanks again.
There still is hope for humanity.
Wietse
User Nexus:
> My question now, is it correct to use 'check_sender_access' in
> 'smtpd_client_restrictions'
> section?
smtpd_client_restrictions (default: empty)
...
Other restrictions that are valid in this context:
o SMTP command s
2015-07-26 10:19 GMT+03:00 User Nexus :
> 2015-07-25 17:51 GMT+03:00 Wietse Venema :
>
>> > Hello Guys,
>> >
>> > I'm trying to set up some restrictions in 'smtpd_client_restrictions'
>> > Postfix config block. You
2015-07-25 17:51 GMT+03:00 Wietse Venema :
> ?:
> > Hello Guys,
> >
> > I'm trying to set up some restrictions in 'smtpd_client_restrictions'
> > Postfix config block. You can see my 'smtpd_client_restrictions'
?:
> Hello Guys,
>
> I'm trying to set up some restrictions in 'smtpd_client_restrictions'
> Postfix config block. You can see my 'smtpd_client_restrictions' block
> bellow:
>
> smtpd_client_restrictions =
&
Hello Guys,
I'm trying to set up some restrictions in 'smtpd_client_restrictions'
Postfix config block. You can see my 'smtpd_client_restrictions' block
bellow:
smtpd_client_restrictions =
permit_mynetworks,
chec
r header/body inspection
> - content_filter
>
> So milters come after smtpd_client_restrictions.
Yes and no. As far as I can tell, *not* with smtpd_delay_reject.
With the default smtpd_delay_reject=yes, milters process:
connect
helo/ehlo
mail from:
before any
On 2015-06-20 Atnakus Arzah wrote:
> What is the order in which the mail is processed through postfix? Will
> the smtpd_milters apply before the smtpd_client_restrictions?
>
> I went through the documentation on MILTER_README and
> SMTPD_ACCESS_README but the ordering is
What is the order in which the mail is processed through postfix? Will
the smtpd_milters apply before the smtpd_client_restrictions?
I went through the documentation on MILTER_README and
SMTPD_ACCESS_README but the ordering isn't clear to me.
Thanks.
--
Atnakus Arzah
When in doubt, h
Am 04.10.2014 um 16:04 schrieb li...@rhsoft.net:
can this setting to slow down spambots make it through
postscreen server made conditional to sleep 0 like
as example "smtp_connect_timeout"?
smtpd_client_restrictions = sleep 1
smtp_connect_timeout = ${stress?15}${stress:45}s
neverm
Hi
can this setting to slow down spambots make it through
postscreen server made conditional to sleep 0 like
as example "smtp_connect_timeout"?
smtpd_client_restrictions = sleep 1
smtp_connect_timeout = ${stress?15}${stress:45}s
* Wietse Venema [2014-10-01 19:03]:
> Sebastian Wiesinger:
> > Hello,
> >
> > as I see/understand it, a check_client_access lookup that returns
> > PERMIT will skip over the rest of smtpd_client_restrictions but WILL
> > still run the checks in the other sm
Sebastian Wiesinger:
> Hello,
>
> as I see/understand it, a check_client_access lookup that returns
> PERMIT will skip over the rest of smtpd_client_restrictions but WILL
> still run the checks in the other smtpd_*_restrictions classes, right?
>
> I can't fi
Am 01.10.2014 um 18:46 schrieb Sebastian Wiesinger:
> as I see/understand it, a check_client_access lookup that returns
> PERMIT will skip over the rest of smtpd_client_restrictions but WILL
> still run the checks in the other smtpd_*_restrictions classes, right?
i would say
Hello,
as I see/understand it, a check_client_access lookup that returns
PERMIT will skip over the rest of smtpd_client_restrictions but WILL
still run the checks in the other smtpd_*_restrictions classes, right?
I can't find that information in the SMTPD_ACCESS_README or other
document
he whole system
_
smtpd_client_restrictions = permit_mynetworks
permit_dnswl_client dnswl-unconditional.example.com
permit_dnswl_client dnswl-high.example.com
reject_unknown_reverse_client_hostname
permit_dnswl_client dnswl-medium.example.com
chec
a mysql lookup under the smtpd_client_restrictions, which
does
not appear to be rejecting clients when the query returns "REJECT"
(which has been confirmed to return "REJECT" using postmap -q xxx
mysql:..). When I change it to look at a hash file with the same
IP/REJECT entr
heck_client_access
>>>>> using a mysql lookup under the smtpd_client_restrictions, which
>>>>> does
>>>>> not appear to be rejecting clients when the query returns "REJECT"
>>>>> (which has been confirmed to return "REJECT"
On 4/15/14, 3:12 PM, Noel Jones wrote:
On 4/15/2014 3:02 PM, List wrote:
On 4/15/14, 2:50 PM, Noel Jones wrote:
On 4/15/2014 2:27 PM, List wrote:
I am running postfix 2.6.6 and trying to setup check_client_access
using a mysql lookup under the smtpd_client_restrictions, which does
not appear
On 4/15/2014 3:02 PM, List wrote:
> On 4/15/14, 2:50 PM, Noel Jones wrote:
>> On 4/15/2014 2:27 PM, List wrote:
>>> I am running postfix 2.6.6 and trying to setup check_client_access
>>> using a mysql lookup under the smtpd_client_restrictions, which does
>>>
On 4/15/14, 2:50 PM, Noel Jones wrote:
On 4/15/2014 2:27 PM, List wrote:
I am running postfix 2.6.6 and trying to setup check_client_access
using a mysql lookup under the smtpd_client_restrictions, which does
not appear to be rejecting clients when the query returns "REJECT"
(whic
On 4/15/2014 2:27 PM, List wrote:
> I am running postfix 2.6.6 and trying to setup check_client_access
> using a mysql lookup under the smtpd_client_restrictions, which does
> not appear to be rejecting clients when the query returns "REJECT"
> (which has been confirmed to
I am running postfix 2.6.6 and trying to setup check_client_access using
a mysql lookup under the smtpd_client_restrictions, which does not
appear to be rejecting clients when the query returns "REJECT" (which
has been confirmed to return "REJECT" using postmap -q xxx mysql:
Ah... excellent.
Thanks
On Thu, Feb 13, 2014 at 12:12 PM, Noel Jones wrote:
> On 2/13/2014 11:03 AM, Roman Gelfand wrote:
>> I am using this parameter to send message to be filtered by dspam.
>> However, I want local email to bypass dspam and go directly to mail
>> box server over lmtp.
>>
>> I
On 2/13/2014 11:03 AM, Roman Gelfand wrote:
> I am using this parameter to send message to be filtered by dspam.
> However, I want local email to bypass dspam and go directly to mail
> box server over lmtp.
>
> I am not sure why the pcre code below doesn't work for local email.
>
>
>
> /^192\.1
Am 13.02.2014 18:03, schrieb Roman Gelfand:
> I am using this parameter to send message to be filtered by dspam.
> However, I want local email to bypass dspam and go directly to mail
> box server over lmtp.
>
> I am not sure why the pcre code below doesn't work for local email.
>
> /^192\.168\.0
I am using this parameter to send message to be filtered by dspam.
However, I want local email to bypass dspam and go directly to mail
box server over lmtp.
I am not sure why the pcre code below doesn't work for local email.
/^192\.168\.0.\d{1,3}$/ lmtp:[192.168.0.246]:24
/./ FILTER dspam:dsp
On Mon, Jul 29, 2013 at 4:51 AM, Wietse Venema wrote:
> Jeffrey 'jf' Lim:
>> > Allow me to repeat my reply above:
>> >
>> > Current reject_unauth_pipelining implementations [...] don't reject
>> > clients that talk before Postfix greets them.
>> >
>> > To reject clients that talk before Postfix gr
Jeffrey 'jf' Lim:
> > Allow me to repeat my reply above:
> >
> > Current reject_unauth_pipelining implementations [...] don't reject
> > clients that talk before Postfix greets them.
> >
> > To reject clients that talk before Postfix greets them, use
> > Postscreen's pregreet detection feature.
> >
On Mon, Jul 29, 2013 at 4:13 AM, Wietse Venema wrote:
> Jeffrey 'jf' Lim:
>> On Mon, Jul 29, 2013 at 3:56 AM, Wietse Venema wrote:
>> > Jeffrey 'jf' Lim:
>> >> Am I misunderstanding something here, that setting
>> >> 'sm
Jeffrey 'jf' Lim:
> On Mon, Jul 29, 2013 at 3:56 AM, Wietse Venema wrote:
> > Jeffrey 'jf' Lim:
> >> Am I misunderstanding something here, that setting
> >> 'smtpd_client_restrictions = reject_unauth_pipelining' should reject a
> &
On Mon, Jul 29, 2013 at 3:56 AM, Wietse Venema wrote:
> Jeffrey 'jf' Lim:
>> Am I misunderstanding something here, that setting
>> 'smtpd_client_restrictions = reject_unauth_pipelining' should reject a
>> client that sends the EHLO, or HELO before th
Jeffrey 'jf' Lim:
> Am I misunderstanding something here, that setting
> 'smtpd_client_restrictions = reject_unauth_pipelining' should reject a
> client that sends the EHLO, or HELO before the smtp banner?
> (http://www.postfix.org/postconf.5.html#reject_unauth_p
Am I misunderstanding something here, that setting
'smtpd_client_restrictions = reject_unauth_pipelining' should reject a
client that sends the EHLO, or HELO before the smtp banner?
(http://www.postfix.org/postconf.5.html#reject_unauth_pipelining:
'Reject the request when the cl
On Wed, Jun 06, 2012 at 05:42:37PM +0200, Dennis Guhl wrote:
> On Wed, Jun 06, 2012 at 09:15:55AM -0600, David Boreham wrote:
>
> [How to apply a restriction at some connections only?]
>
> > What's the best way to implement this ? I think restriction
> > classes are the way to go , but I'm not 1
On Wed, Jun 06, 2012 at 09:15:55AM -0600, David Boreham wrote:
[How to apply a restriction at some connections only?]
> What's the best way to implement this ? I think restriction classes
> are the way to go , but I'm not 100% sure.
They are exactly the way to go.
See here: http://www.postfix.o
Scratching my head on whether this is possible:
I suppose I want to do something like a database 'join' in my Postfix setup.
e.g. enforce this check_client_access rule if and only if the recipient
is in one of the following domains...
This has arisen because we use MXLogic to filter inbound e
* JDL :
> p@rick,
>
> If you are referring to resolv.conf and associated files, then yes. All the
> files in /var/spool/postfix/etc match those in /etc and the data in the those
> files is correct.
And the libs?
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Univ
I have not yet run strace (as per Wietse's recommendation), but I think I may
have discovered the problem. My problem sounds very similar to the one
documented at the link below.
https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/764096
I ran a quick test and, sure enough, the post
e with leaving it off. I just normally have it on for some
> > additional security.
> >
> > I have 3 other servers that seem to work just fine with smtpd
> > chroot'ed. However, none of those 3 have any smtpd_client_restrictions.
> > This server is the only one
ave it on for some
> additional security.
>
> I have 3 other servers that seem to work just fine with smtpd
> chroot'ed. However, none of those 3 have any smtpd_client_restrictions.
> This server is the only one that has that configuration and the
> only one experiencing any problems.
M, Wietse Venema wrote:
>>
>>> JDL:
>>>> I have been working through a problem for the last couple of hours.
>>>>
>>>> If have the following set in main.cf
>>>>
>>>>smtpd_client_restrictions = reject_unknown_client_ho
* JDL :
> On May 8, 2012, at 4:19 PM, Wietse Venema wrote:
>
> > JDL:
> >> I have been working through a problem for the last couple of hours.
> >>
> >> If have the following set in main.cf
> >>
> >>smtpd_client_restrictions = r
have 3 other servers that seem to work just fine with smtpd chroot'ed.
However, none of those 3 have any smtpd_client_restrictions. This server is
the only one that has that configuration and the only one experiencing any
problems. If it was a bug, I just wanted to make sure it was rep
JDL:
> I have been working through a problem for the last couple of hours.
>
> If have the following set in main.cf
>
> smtpd_client_restrictions = reject_unknown_client_hostname
>
> and the smtpd is chroot'ed in master.cf
>
> s
I have been working through a problem for the last couple of hours.
If have the following set in main.cf
smtpd_client_restrictions = reject_unknown_client_hostname
and the smtpd is chroot'ed in master.cf
smtpd pass- - y - - smtpd
then
On Fri, Jul 22, 2011 at 09:04:37PM +0300, gaby wrote:
> I don't undestand what is difference between smtpd_client_restrictions and
> smtpd_recipient_restrictions?
Postfix has 6 top-level restriction lists:
smtpd_client_restrictions
smtpd_helo_r
Am 22.07.2011 20:04, schrieb gaby:
> I don't undestand what is difference between smtpd_client_restrictions
> and smtpd_recipient_restrictions?
the time when they are processed
for reject because of "smtpd_client_restriction" you need not to
wait for RCPT TO, but you sh
Hi
I don't undestand what is difference between smtpd_client_restrictions and
smtpd_recipient_restrictions?
Thanks
On 12/14/2009 1:17 AM, vtzan wrote:
Hello noel,
thanks for you response but it didn't worked!
Please don't top post.
If a suggestion didn't do what you expect, you'll need to show
evidence including "postconf -n" output and logging
demonstrating the unwanted behavior, and what you expected
Stan Hoeppner wrote:
vtzan put forth on 12/14/2009 1:17 AM:
Hello noel,
thanks for you response but it didn't worked!
First, did you reload postfix after editing main.cf? If not, the change
won't take effect until you reload of restart postfix. And, how do you
know it didn't work?
vtzan put forth on 12/14/2009 1:17 AM:
> Hello noel,
>
> thanks for you response but it didn't worked!
First, did you reload postfix after editing main.cf? If not, the change
won't take effect until you reload of restart postfix. And, how do you
know it didn't work? Is he still sending spam?
Hello noel,
thanks for you response but it didn't worked!
thanks
Bill
Noel Jones wrote:
On 12/11/2009 7:02 AM, Stan Hoeppner wrote:
vtzan put forth on 12/11/2009 5:46 AM:
thanks for your fast reply. But that was my PLAN B ;-)
any idea for PLAN A?
thanks alot
Bill
Hay Bill,
First off, pl
tc/postfix/relocated
sample_directory = /usr/share/doc/postfix-2.3.3/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_banner = $myhostname mail..gr
smtpd_client_connection_count_limit = 50
smtpd_client_restrictions =
permit_mynetworks,permi
Stan Hoeppner a écrit :
> vtzan put forth on 12/11/2009 5:26 AM:
>> Hello all,
>>
>> I need to reject smtp connection from certain ip inside my network
>> (SPAMMER).
>
> If this is the case, it may be more effective and expedient to drop
> _all_ his traffic inbound to your Postfix host.
>
> iptab
On 12/11/2009 7:02 AM, Stan Hoeppner wrote:
vtzan put forth on 12/11/2009 5:46 AM:
thanks for your fast reply. But that was my PLAN B ;-)
any idea for PLAN A?
thanks alot
Bill
Hay Bill,
First off, please keep all replies on the postfix-users list. 2nd, send
your 'postconf -n' output and th
vtzan put forth on 12/11/2009 5:46 AM:
> thanks for your fast reply. But that was my PLAN B ;-)
> any idea for PLAN A?
>
> thanks alot
> Bill
Hay Bill,
First off, please keep all replies on the postfix-users list. 2nd, send
your 'postconf -n' output and the relevant contents of
/etc/postfix/ac
Quoting Stan Hoeppner :
vtzan put forth on 12/11/2009 5:26 AM:
Hello all,
I need to reject smtp connection from certain ip inside my network
(SPAMMER).
If this is the case, it may be more effective and expedient to drop
_all_ his traffic inbound to your Postfix host.
iptables -I INPUT -s xx
vtzan put forth on 12/11/2009 5:26 AM:
> Hello all,
>
> I need to reject smtp connection from certain ip inside my network
> (SPAMMER).
If this is the case, it may be more effective and expedient to drop
_all_ his traffic inbound to your Postfix host.
iptables -I INPUT -s xxx.xxx.xxx.xxx -j DROP
Hello all,
I need to reject smtp connection from certain ip inside my network
(SPAMMER).
I have configured the following according
http://www.postfix.org/access.5.html
and it doesn't work.
I just want to deny an ip address to send mails to the outside world!
smtpd_client_restric
fuses the n00bs.
smtpd_client_restrictions =
Usually one should have "permit_mynetworks" before you start
rejecting mail so you don't reject your own mail by mistake.
check_client_access hash:/etc/postfix/access_hash,
check_client_access regexp:/etc/postfix/access_regexp,
reject_u
On Tue, 23 Jun 2009, Jon wrote:
>> You're trying to block an entire TLD. See the access(5) manual,
>> especially the section on lookups from indexed files. You might want
>> to try "it" as a lookup key instead of ".it", given the likely
>> inclusion of smtpd_access_maps in your configuration
smtpd_client_restrictions.
smtp1:/etc/postfix# postconf -n | grep smtpd_client_restrictions
smtpd_client_restrictions =
check_client_access hash:/etc/postfix/access_hash,
check_client_access regexp:/etc/postfix/access_regexp,
reject_unknown_reverse_client_hostname,
reject_unknown_client_hostname
smtp1:/etc
_directory = no
recipient_delimiter = +
relay_domains = myDomainOne, myDomainTwo
relay_recipient_maps = hash:/etc/postfix/exchange_recipients
relayhost =
show_user_unknown_table_name = no
smtpd_banner = $myhostname Microsoft ESMTP MAIL Service, Version:
6.0.3790.1830 ready
smtpd_client_restrictions =
chec
are related to
smtpd_client_restrictions.
smtp1:/etc/postfix# postconf -n | grep smtpd_client_restrictions
smtpd_client_restrictions =
check_client_access hash:/etc/postfix/access_hash,
check_client_access regexp:/etc/postfix/access_regexp,
reject_unknown_reverse_client_hostname
I have postfix on a debian Linux (lenny, ESXi virtual) machine handling
inbound traffic for a couple domains on Microsoft Exchange 2003. I am
using transport_maps and getadsmtp.pl for my recipient list which seem
to work fine. The questions I have are related to smtpd_client_restrictions
Hi Noel!
Thank you for your further answer!
(You are right with the demand of sending configs to end guessing, of course!)
Because of your persitently drawing I was encouraged to look for other reasons
than the obvious ones. And I found my mistake, after all. Thank you!
I used to set smtpd_sas
---
Postfix 2.3.8
With this submission smtpd_client_restrictions entry I'm not able to send mails to postfix from internal subnet clients (subnet which is directly connected to the internal postfix server NIC) - with
Postfix 2.0.18 it w
ctly connected to the internal NIC and not in $mynetworks) runs without
problems.
----
Postfix 2.3.8
With this submission smtpd_client_restrictions entry I'm not able to send mails
to postfix from internal subnet clients (s
SASL authentication state.)
I've to add "permit_mynetworks" as first item to smtpd_client_restrictions to send with internal clients. "permit_sasl_authenticated" should be enough, in my opinion - especially because it runs for
external internet clients which are not member
state.)
I've to add "permit_mynetworks" as first item to smtpd_client_restrictions to
send with internal clients. "permit_sasl_authenticated" should be enough, in my
opinion - especially because it runs for
external internet clients which are not member of $mynetworks.
Where's my
Thanks!
Well if I put reject_unknown_client, my client says " Client host rejected:
cannot find your hostname, [10.160.1.193].It's refer about $myhostname ??
Well the good news is if I put only
smtpd_client_restrictions=
check_client_access hash:/etc/post
* deconya :
> Hi list
>
> Im having problems with smtpd_sender_restrictions and
> smtpd_client_restrictions options. Actually I have:
>
> smtpd_sender_restrictions =
> reject_unknown_sender_domain,
> check_sender_access hash:/etc/postfix/spammer,
>
Hi list
Im having problems with smtpd_sender_restrictions and
smtpd_client_restrictions options. Actually I have:
smtpd_sender_restrictions =
reject_unknown_sender_domain,
check_sender_access hash:/etc/postfix/spammer,
reject_non_fqdn_sender
smtpd_client_restrictions
mig schrieb:
> I wrote a policy server (that do RBL checks and dynamically disable slow RBL
> servers). I supposed the right place is the smptd_client_restrictions:
>
postfwd does asynchronous dnsbl lookups and allows to disable
non-responding lists automatically. it also has an integrated cac
rictions are evaluated with every recipient.
One reason for this is that recipient information may be used in
smtpd_client_restrictions.
> Do all items behave like this or is it only the check_policy_service? I mean,
> if everything is evaluated again on each RCPT TO, then if I place
>
> Do all items behave like this or is it only the check_policy_service? I mean,
> if everything is evaluated again on each RCPT TO, then if I place
> reject_rbl_client into smtpd_client_restrictions, the rbl check will run
> needlessly more times?
No.
--
Sahil Tandon
then if I place
reject_rbl_client into smtpd_client_restrictions, the rbl check will run
needlessly more times?
Thank you,
Jan
Dne Saturday 28 of March 2009 23:46:18 Sahil Tandon napsal(a):
> On Sat, 28 Mar 2009, mig wrote:
> > I wrote a policy server (that do RBL checks and dynamica
On Sat, 28 Mar 2009, mig wrote:
> I wrote a policy server (that do RBL checks and dynamically disable slow RBL
> servers). I supposed the right place is the smptd_client_restrictions:
>
> smtpd_client_restrictions =
> check_policy_service unix:/opt/mailfilter/clie
* mig :
> Hello,
>
> I wrote a policy server (that do RBL checks and dynamically disable slow RBL
> servers). I supposed the right place is the smptd_client_restrictions:
>
> smtpd_client_restrictions =
> check_policy_service unix:/opt/mailfilter/client_restrictions
mig:
> Hello,
>
> I wrote a policy server (that do RBL checks and dynamically disable slow RBL
> servers). I supposed the right place is the smptd_client_restrictions:
>
> smtpd_client_restrictions =
> check_policy_service unix:/opt/mailfilter/client_restrictions
Hello,
I wrote a policy server (that do RBL checks and dynamically disable slow RBL
servers). I supposed the right place is the smptd_client_restrictions:
smtpd_client_restrictions =
check_policy_service unix:/opt/mailfilter/client_restrictions
smtpd_helo_required = yes
Thomas Ackermann a écrit :
> Brian Evans - Postfix List schrieb:
>> 'Postconf -d' means "show me the DEFAULTS not what is current".
>>
>
> Uh..
>
> I already feared a realy stupid mistake on my side :)
>
> I used it in this sense, so far - but assumed that this default will be
> overwritten (
On 20.01.2009 16:07 Thomas Ackermann wrote:
> ...
> r...@localhost:/etc/postfix,$ postconf -d smtpd_client_restrictions
> smtpd_client_restrictions =
man postconf:
-d Print default parameter settings instead of actual settings.
use `postconf smtpd_client_restrictions` to see you
Brian Evans - Postfix List schrieb:
'Postconf -d' means "show me the DEFAULTS not what is current".
Uh..
I already feared a realy stupid mistake on my side :)
I used it in this sense, so far - but assumed that this default will be
overwritten (and displayed) when actually set in main.cf
S
Ralf Hildebrandt schrieb:
postconf -n shows main.cf settings, not master.cf settings
Why not use:
postconf -e "smtpd_client_restrictions=reject_invalid_hostname"
But as far as i understand, this just sets the variable in main.cf - and
there, it is already included!
To sho
Thomas Ackermann wrote:
> Hello,
> i seem to be unable to set the "smtpd_client_restrictions" Variable!
>
> In master.cf, there is an option for smtps that sets this to
> "permit_sasl_authenticated,reject".
> In main.cf, i try to set this to "reject_
* Thomas Ackermann :
> Hello,
> i seem to be unable to set the "smtpd_client_restrictions" Variable!
>
> In master.cf, there is an option for smtps that sets this to
> "permit_sasl_authenticated,reject".
> In main.cf, i try to set this to "reject_
Hello,
i seem to be unable to set the "smtpd_client_restrictions" Variable!
In master.cf, there is an option for smtps that sets this to
"permit_sasl_authenticated,reject".
In main.cf, i try to set this to "reject_invalid_hostname".
In "postconf -n" t
ram wrote:
On one of my servers I have put in main.cf
smtpd_client_restrictions = permit_mynetworks,reject
Because I want only my internal servers to use this machine as a relay.
This works as expected , but when connections come from outside
mynetworks the Error comes only after "RC
On Tue, Oct 14, 2008 at 07:43:07PM +0400, Nikita Kipriyanov wrote:
> Victor Duchovni ??:
> >Consider setting a null-mx record for the system's
> >host name:
> >
> > ahost.example.com IN MX 0 .
> >
> >
> As I understand things, it simply forces a 'fallback to A record', like
>
Victor Duchovni пишет:
Consider setting a null-mx record for the system's
host name:
ahost.example.com IN MX 0 .
As I understand things, it simply forces a 'fallback to A record', like
when there is no MX records...
Can you please explain, why this is needed?
On Tue, Oct 14, 2008 at 12:13:39PM +0400, Nikita Kipriyanov wrote:
> Yes, you can. See http://www.postfix.org/postconf.5.html#smtpd_delay_reject
> It is on by default, so postfix delays reject until RCPT TO; if you turn
> off that parameter, it will reject immediatly. But, not all mail
> software
http://www.postfix.org/postconf.5.html#smtpd_delay_reject
more to say, even better is to block external connections with firewall
ram пишет:
On one of my servers I have put in main.cf
smtpd_client_restrictions = permit_mynetworks,reject
Because I want only my internal servers to use this machine as a relay.
This works as expected , but when connections come from outside
mynetworks the Error comes only after "RC
On one of my servers I have put in main.cf
smtpd_client_restrictions = permit_mynetworks,reject
Because I want only my internal servers to use this machine as a relay.
This works as expected , but when connections come from outside
mynetworks the Error comes only after "RCPT TO:"
On Tuesday 07 October 2008 16.14.37 Victor Duchovni wrote:
> On Tue, Oct 07, 2008 at 03:13:20PM +0200, L?VAI D?niel wrote:
> > postfix/smtpd[23810]: warning: 78.131.56.68: hostname
> > 78-131-56-68.static.hdsnet.hu verification failed: no address
> > associated with name
> > postfix/smtpd[23810]: c
On Tue, Oct 07, 2008 at 03:13:20PM +0200, L?VAI D?niel wrote:
> postfix/smtpd[23810]: warning: 78.131.56.68: hostname
> 78-131-56-68.static.hdsnet.hu verification failed: no address associated
> with name
> postfix/smtpd[23810]: connect from unknown[78.131.56.68]
> postfix/smtpd[23810]: NOQUEUE:
mouss wrote:
LÉVAI Dániel wrote:
Hi!
I'm using postfix-2.5.4.
I have this in my main.cf:
smtpd_client_restrictions = check_client_access
hash:/etc/postfix/client_access, permit_sasl_authenticated,
reject_unknown_client_hostname
It seems that the reject_unknown_client_hostname is ap
1 - 100 of 106 matches
Mail list logo