Noel Jones wrote: > Brian Evans - Postfix List wrote: >> I want a single account to only accept NDRs. Other email should be >> rejected. >> >> Would the following work correctly? >> >> smtpd_recipient_restrictions: >> ... >> check_recipient_access hash:/etc/postfix/receieve_only >> ... >> >> /etc/postfix/receieve_only: >> [EMAIL PROTECTED] check_sender_access >> hash:/etc/postfix/ndr_senders >> >> >> /etc/postfix/ndr_senders: >> >> <> OK >> * REJECT This mailbox is not available. >> > > Your logic is correct, but hash: maps don't support a wildcard entry. > Use a regexp: or pcre: map type instead. > /^<>$/ OK > /^/ REJECT mailbox not available > I've tried to implement this and it does not seem to work properly. Any advice?
mail_version = 2.4.6 postconf -n: alias_maps = hash:/etc/postfix/aliases, hash:/var/lib/mailman/data/aliases, proxy:mysql:/etc/postfix/mysql-virtual-aliases.cf append_dot_mydomain = no biff = no body_checks = regexp:/etc/postfix/body_checks bounce_size_limit = 1 config_directory = /etc/postfix disable_vrfy_command = yes header_checks = pcre:/etc/postfix/header_checks home_mailbox = .maildir/ inet_interfaces = localhost, example.com message_size_limit = 20480000 mydestination = $myhostname, localhost.$mydomain, $mydomain myhostname = mx1.example.com mynetworks = !192.168.123.4, 192.168.123.0/24, 127.0.0.0/8 myorigin = $mydomain parent_domain_matches_subdomains = proxy_interfaces = 69.48.33.25 smtpd_authorized_xclient_hosts = localhost smtpd_data_restrictions = permit_mynetworks, reject_unauth_pipelining smtpd_helo_required = yes smtpd_helo_restrictions = permit_mynetworks, reject_invalid_helo_hostname smtpd_milters = unix:/var/amavis/amavisd-milter.sock smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination, check_recipient_access hash:/etc/postfix/receieve_only, check_recipient_access hash:/etc/postfix/reject_old_redirect, reject_unlisted_recipient, reject_non_fqdn_recipient, check_client_access cidr:/etc/postfix/postfix-dnswl-permit, reject_unknown_client_hostname, check_policy_service inet:127.0.0.1:12525, check_recipient_access pcre:/etc/postfix/sender_access.pcre smtpd_restriction_classes = ndr_only smtpd_sender_restrictions = permit_mynetworks, check_sender_access pcre:/etc/postfix/sender_access.pcre, check_sender_access hash:/etc/postfix/blacklisted_senders smtpd_tls_CAfile = /etc/postfix/cacert.pem smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/postfix/newcert.pem smtpd_tls_key_file = /etc/postfix/newkey.pem smtpd_tls_received_header = yes smtpd_tls_security_level = may smtpd_tls_session_cache_timeout = 3600s swap_bangpath = no transport_maps = hash:/etc/postfix/transport virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf ndr_only = check_recipient_access hash:/etc/postfix/ndr_senders,reject $ cat /etc/postfix/ndr_senders <> OK $ cat /etc/postfix/receieve_only [EMAIL PROTECTED] ndr_only Log: Aug 20 12:36:41 mx1 postfix/smtpd[7408]: NOQUEUE: reject: RCPT from raven.securenet-server.net[207.45.186.82]: 554 5.7.1 <[EMAIL PROTECTED]>: Recipient address rejected: Access denied; from=<> to=<[EMAIL PROTECTED]> proto=SMTP helo=<raven.securenet-server.net>
