I recently implemented "smtpd_sender_restrictions = check_sender_mx_access cidr:/etc/postfix/sender_mx_access" on Postfix 2.3.3 running on Ubuntu 6.10.
$ cat /etc/postfix/sender_mx_access 0.0.0.0/8 REJECT MX in IANA reserved network 127.0.0.0/8 REJECT MX in loopback network 10.0.0.0/8 REJECT MX in non-routable network 169.254.0.0/16 REJECT MX in non-routable network 172.16.0.0/12 REJECT MX in non-routable network 192.168.0.0/16 REJECT MX in non-routable network 224.0.0.0/4 REJECT MX in multicast network 240.0.0.0/4 REJECT MX in IANA reserved network Turning this on, however, led to some unexpected failures when email was sent from my own domain: Jul 30 11:43:34 mail.example.com postfix/smtpd[28463]: NOQUEUE: reject: RCPT from server1.example.com[10.1.0.1]: 554 5.7.1 < [EMAIL PROTECTED]>: Sender address rejected: MX in loopback network; from=<[EMAIL PROTECTED]> to=<[EMAIL PROTECTED]> proto=ESMTP helo=<server1.example.local> A dig shows that the MX record for sub1.example.com is mail.example.com (a public IP address). How does postfix decide that it's running on the loopback network, then? Thanks for the help. -HKS
