Jon Ribbens:
> On Thu, Oct 16, 2008 at 10:45:53AM -0400, Wietse Venema wrote:
> > DESCRIPTION
> > This document describes access control on remote SMTP client
> > informa-
> > tion: host names, network addresses, and envelope sender or
> > recipient
> > addresses; it is implemented by the Postfix SMTP server.
> >
> > Thus, it takes Postfix's idea of the client host name and compares
> > that name against the string "domain.tld".
>
> That can't be the whole story though, because the map can also check
> by IP address.
It is the whole story.
Postfix first develops its idea of the client's name and address
etc., and then it uses that information to query the access table.
> I assumed the map did the DNS lookup itself;
No. Postfix needs the name regardless of access map lookup. It's
used in logging, in the RECEIVED: header and other places, in SMTPD
policy server queries, and so on.
> perhaps
> this isn't true and instead smtpd calls the map twice, once with the
> DNS name and once with the IP address?
Yes.
Wietse
