On Wed, Jan 21, 2009 at 04:26:27PM -0500, Jorey Bump wrote:
> Logically, it doesn't make sense to perform recipient checks before
> you know the recipient.
Okay, I'll buy that. But this still doesn't work:
smtpd_delay_reject = yes
smtpd_recipient_restrictions =
check_recipient_mx_access hash:/etc/postfix/mx_access
check_recipient_access hash:/etc/postfix/recipient_access
check_sender_access hash:/etc/postfix/sender_access
check_client_access hash:/etc/postfix/domain_access
check_helo_access hash:/etc/postfix/helo_access
reject_invalid_helo_hostname
reject_non_fqdn_helo_hostname
reject_unknown_helo_hostname
reject_unknown_sender_domain
reject_rbl_client zen.spamhaus.org
permit_mynetworks
reject_unauth_destination
check_policy_service inet:127.0.0.1:60000
# /etc/postfix/mx_access
secureserver.net REJECT
smtp.secureserver.net REJECT
If it's the first check, shouldn't all mail destined to the
secureserver.net MX be bounced? Why is it still going through?
--
"Oh, look: rocks!"
-- Doctor Who, "Destiny of the Daleks"
