Rodre Ghorashi-Zadeh wrote: > Hello, > > I am sorry, I don't know what you mean by "top post" all I did was hit > "reply" in hotmail. I tried adding this in my master.cf but it didn't work. I > think the problem is that check_recipient_mx_access is expecting an "access" > table type and not a CIDR table type: > > check_recipient_mx_access type:table > Search the specified access(5) database for the MX hosts for the RCPT TO > domain, and execute the corresponding action. Note: a result of "OK" is not > allowed for safety reasons. Instead, use DUNNO in order to exclude specific > hosts from blacklists. This feature is available in Postfix 2.1 and later. > > Can anyone confirm or deny? > An access formatted table does not care which type as long as it returns values that are expected. Any supported table type is valid for access tables. man 5 cidr_table for details as what is expected on the left hand side. access(5) values are expected on the right hand side.
Brian > ~Rod > > ---------------------------------------- > >> Date: Wed, 20 Aug 2008 14:57:31 -0500 >> From: [EMAIL PROTECTED] >> To: [EMAIL PROTECTED]; postfix-users@postfix.org >> Subject: Re: Transport Based on Destination MX record and not Destination >> Domain? >> >> Rodre Ghorashi-Zadeh wrote: >> >>> Hello, >>> >>> Thanks for your response. According to http://www.postfix.org/access.5.html >>> the filter would override my content_filter setting in main.cf, which I am >>> currently using with amavisd-new: >>> >>> FILTER transport:destination >>> After the message is queued, send the entire mes- >>> sage through the specified external content filter. >>> The transport:destination syntax is described in >>> the transport(5) manual page. More information >>> about external content filters is in the Postfix >>> FILTER_README file. >>> >>> Note: this action overrides the content_filter set- >>> ting, and currently affects all recipients of the >>> message. >>> >>> This feature is available in Postfix 2.0 and later. >>> >>> >>> >>> Is this definitely the case? >>> >>> ~Rod >>> >> Please don't top-post, it makes the thread hard to follow. >> >> You are awarded extra credit for reading the docs, and then >> asking an intelligent question. >> >> However, you seem to have missed part of my answer. >> As I said earlier: >> >> >>>> If you are using a content_filter, the setup is a little more >>>> complicated... The check_recipient_mx_access table must be >>>> defined in master.cf in the after-filter smtpd listener. >>>> >>>> >> So instead of changing main.cf you would edit master.cf and >> find the smtpd listener where mail comes back into postfix >> from your content_filter (usually port 10025) and add to that: >> >> -o >> smtpd_sender_restrictions=check_recipient_mx_access,cidr:/etc/postfix/smarthost.cidr >> >> Note the only space in the above line is between "-o" and >> "smtp_sender..." >> >> The smarthost.cidr table would be the same in either case. >> >> -- >> Noel Jones >> >> >> >>> ---------------------------------------- >>> >>>> Date: Tue, 19 Aug 2008 22:56:38 -0500 >>>> From: [EMAIL PROTECTED] >>>> To: [EMAIL PROTECTED]; postfix-users@postfix.org >>>> Subject: Re: Transport Based on Destination MX record and not Destination >>>> Domain? >>>> >>>> Rodre Ghorashi-Zadeh wrote: >>>> >>>>> Hello List, >>>>> >>>>> This is my first post to this list so please excuse any indiscretions. I >>>>> have a problem where my carrier's/ISP entire CIDR/Subnet is blacklisted >>>>> by some email carriers. My ISP does provide a relay/smarthost for >>>>> outbound SMTP but it doesn't use TLS, so I don't want to route all of our >>>>> company's email through it by setting the 'relayhost' parameter. I have >>>>> been able to put the destination domains in the /etc/postfix/transport >>>>> file and use my ISPs smarthost as the next hop MTA, however, I noticed >>>>> that most of the destination domains I am experiencing problems with are >>>>> all being handled by a specific email carrier. What I want to do is put >>>>> that email carriers entire CIDR into my postfix configuration and >>>>> basically say "if the MX host for any destination domains IP address >>>>> belongs to this CIDR, use my ISPs smarthost, instead of having to add the >>>>> domains one at a time. Is this possible? >>>>> >>>>> ~Rodre >>>>> >>>>> >>>> You can use a check_recipient_mx_access map with a FILTER >>>> action to set the next-hop destination to your IPS' smarthost. >>>> http://www.postfix.org/postconf.5.html#check_recipient_mx_access >>>> http://www.postfix.org/access.5.html >>>> >>>> # main.cf >>>> smtpd_sender_restrictions = >>>> check_recipient_mx_access cidr:/etc/postfix/smarthost.cidr >>>> >>>> # smarthost.cidr >>>> 10.11.12.0/24 FILTER smtp:my.isp.smarthost >>>> >>>> >>>> If you are using a content_filter, the setup is a little more >>>> complicated... The check_recipient_mx_access table must be >>>> defined in master.cf in the after-filter smtpd listener. >>>> >>>> -- >>>> Noel Jones >>>> >>> _________________________________________________________________ >>> >>> > > _________________________________________________________________ > >
