On Wed, Oct 15, 2008 at 12:51:32PM +0400, Nikita Kipriyanov wrote:
> smtpd_restriction_classes = insiders_only
> insiders_only = check_sender_access mysql:/etc/postfix/insiders.cf, reject
>
> smtpd_recipient_restrictions = ..., check_recipient_access
> mysql:/etc/postfix/protected_destinations.cf, ...
>
> --- insiders.cf ---
> hosts = localhost
> user = mail
> password = password
> dbname = mail
> query = SELECT 1 FROM `insiders` WHERE `address`='%s'
I don't recall "1" being a valid documented access(5) action. Consider
query = SELECT 'OK' FROM 'insiders' WHERE 'address'='%s'
(the quotes around 'insiders' and 'address' are optional when these are
not reserved words in your SQL database. This said always quoting is a
good habit).
> --- protected_destinations.cf ---
>
> hosts = localhost
> user = mail
> password = password
> dbname = mail
> query = SELECT 'insiders_only' FROM `lists` WHERE
> CONCAT(`listName`,'@list.domain')='%s' limit 1
This is not efficient, because it can't be indexed. Consider using a
"domain=" filter in the table definition and
listName = '%u'
in the WHERE clause. Otherwise every query is a table scan.
--
Viktor.
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.
To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:[EMAIL PROTECTED]>
If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.
