On Sun, Nov 23, 2008 at 3:35 AM, mouss <[EMAIL PROTECTED]> wrote: > As Henrik says, you can break them with /x.
Got it to work after realizing a blank space is needed in front of the continuation lines... > Note that in this example, pcre is too much. a hash (or cdb) will do fine: > > virtualdomain1.com REJECT > virtualdomain2.com REJECT There is another (PCRE) clause in the file to prepend a header, though I suppose I could split it in two files since cdbs are faster to discern domains. >> .. in the end, thinking that the ones that are not explicitly rejected >> should be allowed in the context of this PCRE table. But since the >> table is called from smtpd_recipient_restrictions, such a statement >> creates an open relay. > it doesn't look like you need that line anyway (you want to continue > processing other checks, no?). > > Anyway, when such checks are to be performed before > reject_unauth_destination, it is safer to put them in > smtpd_sender_restrictions. Correct. But does Postfix know about the recipient information at smtpd_sender_restrictions stage to check for recipient access? I should re-read the stage document but it seems, if I remember correctly, that both the sender and recipient information are validated at the same time (i.e. a failed smtpd_sender_restrictions check doesn't produce an error until after RCPT TO has been issued). Ville
