Todd A. Jacobs a écrit :
> On Wed, Jan 21, 2009 at 04:26:27PM -0500, Jorey Bump wrote:
>
>> Logically, it doesn't make sense to perform recipient checks before
>> you know the recipient.
>
> Okay, I'll buy that. But this still doesn't work:
>
> smtpd_delay_reject = yes
> smtpd_recipient_restrictions =
put
permit_mynetworks
reject_unauth_destination
here please.
> check_recipient_mx_access hash:/etc/postfix/mx_access
> check_recipient_access hash:/etc/postfix/recipient_access
> check_sender_access hash:/etc/postfix/sender_access
> check_client_access hash:/etc/postfix/domain_access
> check_helo_access hash:/etc/postfix/helo_access
> reject_invalid_helo_hostname
> reject_non_fqdn_helo_hostname
> reject_unknown_helo_hostname
> reject_unknown_sender_domain
> reject_rbl_client zen.spamhaus.org
> permit_mynetworks
> reject_unauth_destination
> check_policy_service inet:127.0.0.1:60000
>
> # /etc/postfix/mx_access
> secureserver.net REJECT
> smtp.secureserver.net REJECT
>
> If it's the first check, shouldn't all mail destined to the
> secureserver.net MX be bounced? Why is it still going through?
>
- do the change suggested above
- reload postfix
- send us the output of 'postconf -n'
- show relevant logs
