mouss wrote:
[snip]
unknown_hostname_reject_code = 550
smtpd_helo_required = yes
smtpd_helo_restrictions =
reject_invalid_hostname
reject_non_fqdn_hostname
check_helo_access hash:/etc/postfix/helo_access
reject_unknown_hostname
In /etc/postfix/helo_access I will have:
mailhost.domain1.suffix OK
mailhost.domain2.suffix OK
mailhost.domain3.suffix OK
My question is related to the sequencing. With this configuration when a
valid server in my helo_access file returns an OK will it then be
processed,
or will it then move onto the "reject_unknown_hostname" and get rejected
because it does not not have a dns entry?
it will skip reject_unknown_hostname.
I realize this may be interpreted too "generally".
An OK will cause all subsequent checks in the same
smtpd_mumble_restrictions to be skipped.
but again, use check_client_access (preferably with IP addresses to
avoid problems in case of DNS failure or misconfiguration).