Hello, I would like to whitelist a specific host, because it is currently listed in the zen rbl, but I am unable to do so.
Here is a sample log of the rejected host connecting to my postfix: Aug 4 14:17:17 petole postfix/smtpd[23545]: connect from 225.96.68-86.rev.gaoland.net[86.68.96.225] Aug 4 14:17:17 petole postfix/smtpd[23545]: setting up TLS connection from 225.96.68-86.rev.gaoland.net[86.68.96.225] Aug 4 14:17:17 petole postfix/smtpd[23545]: TLS connection established from 225.96.68-86.rev.gaoland.net[86.68.96.225]: TLSv1 with cipher ADH-AES256-SHA (256/256 bits) Aug 4 14:17:18 petole postfix/smtpd[23545]: NOQUEUE: reject: RCPT from 225.96.68-86.rev.gaoland.net[86.68.96.225]: 554 5.7.1 Service unavailable; Client host [86.68.96.225] blocked using zen.spamhaus.org; http://www.spamhaus.org/query/bl?ip=86.68.96.225; from=<[EMAIL PROTECTED]> to=<[EMAIL PROTECTED]> proto=ESMTP helo=<demisel.dyndns.org> Aug 4 14:17:18 petole postfix/smtpd[23545]: disconnect from 225.96.68-86.rev.gaoland.net[86.68.96.225] - I added the following line (full postconf -n below) to the smtpd_recipient_restrictions, before the rbl check: check_client_access hash:/etc/postfix/client_access - /etc/postfix/client_access contains: demisel.dyndns.org OK - the full configuration: petole:~# postconf -n alias_maps = hash:/etc/aliases append_dot_mydomain = no config_directory = /etc/postfix disable_mime_output_conversion = yes header_checks = regexp:/etc/postfix/header_checks inet_protocols = all local_recipient_maps = hash:/etc/postfix/local_recipients, $alias_maps mailbox_size_limit = 0 mailbox_transport = cyrus maximal_queue_lifetime = 60d message_size_limit = 0 mydestination = localhost, localhost.localdomain, petole, petole.lan, petole.dyndns.org, petole.demisel.net mydomain = $myhostname myhostname = petole.dyndns.org relay_domains = demisel.dyndns.org relay_recipient_maps = hash:/etc/postfix/relay_recipients relayhost = [mail.club-internet.fr] smtp_tls_CAfile = /etc/postfix/ssl/cacert.pem smtp_tls_loglevel = 1 smtp_tls_security_level = may smtpd_helo_required = yes smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_client_access hash:/etc/postfix/client_access, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_invalid_hostname, reject_unknown_hostname, reject_unknown_sender_domain, reject_rbl_client zen.spamhaus.org, permit smtpd_tls_cert_file = /etc/postfix/ssl/petole-crt.pem smtpd_tls_key_file = /etc/postfix/ssl/petole-key.pem smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_security_level = may smtpd_tls_session_cache_timeout = 3600s Any help would be appreciated, Thanks, -- Nicolas
