Re: Having problems with smtpd_client_restrictions=check_client_access

Wed, 27 Aug 2008 23:51:18 -0700 

Rob Tanner wrote:



On 8/27/08 5:44 PM, Noel Jones wrote:

Rob Tanner wrote:

Hi,


I have set up a second port for postfix to listen on specifically to 
bypass the message_size_limit parameter.  Basically, we have a couple 
of IP segments that have printer scanners and the scanners email the 
scan to the user and so I also want to restrict access to the port so 
that only devices in the specific IP segments can use it.


This is the configuration for the additional port in the master.cf file:

2526      inet  n       -       n       -       -     smtpd
    -o cleanup_service_name=pre-cleanup
    -o message_size_limit=10240000

    -o smtpd_client_restrictions=check_client_access 
hash:/etc/postfix/printer_access



The contents of printer_access is:

10.169    OK
10.219    OK
10           REJECT


I don't think it should matter where the REJECT line is, but I have 
tried both in the first and the last position.  When I try to telnet 
to port 2526 fom a machine with a 10.219/16 address, the connection 
comes up momemtarily (i.e., I get the telnet connected response) and 
that's followed immediately by Connection closed by foreign host.  In 
the maillog, I see the connect and disconnect log entries and nothing 
else.  If I comment out the smtpd_client_restrictions line in 
master.cf, it connects just fine.


Any ideas about what I'm doing wrong?

Thanks,

Rob Tanner
Linfield College



Check your log more carefully...
http://www.postfix.org/DEBUG_README.html#logging

(if no warnings or "server configuration error" are logged, fix your 
syslog)


big hint:

master.cf -o arguments may not contain spaces.  Use a comma instead of 
a space.

See the "-o name=value" section near the bottom of
http://www.postfix.org/master.5.html




That was no hint.  That was the solution.  I knew about spaces on either 
side of the "=" sign but it never occurred to me that the syntax of an 
actual parameter  would be different (i.e.,  use a comma, not a space).  
I now know something I didn't know before.  Thank you and it all works now.






to avoid such problems, define variables in main.cf and use them in 
master.cf:


== main.cf:
printer_smtpd_client_restrictions =
        check_client_access hash:/etc/postfix/printer_access

== master.cf
2526      inet  n       -       n       -       -     smtpd
     -o cleanup_service_name=pre-cleanup
     -o message_size_limit=10240000
     -o smtpd_client_restrictions=${printer_smtpd_client_restrictions}























					Reply via email to