Re: strict domains

mouss Sat, 24 Jan 2009 11:42:32 -0800

bharathan kailath a écrit :
> the following i got  from this userlist and i tried to implement it
> without ful understanding
>


you need to read and understand
        http://www.postfix.org/RESTRICTION_CLASS_README.html

> Existing primitives can do this already.
> The example stops mail from yahoo.com/hotmail.com
> <http://yahoo.com/hotmail.com> unless it comes from
> specific systems.
>         Wietse
> smtpd_sender_restrictions =
>     check_sender_access hash:/etc/postfix/strict_sender_map
> smtpd_restriction_classes = strict_client_domain
>  
> /etc/postfix/strict_sender_map:
>     yahoo.com <http://yahoo.com> strict_client_domain reject
>     hotmail.com <http://hotmail.com> strict_client_domain reject
> 
>  

you forgot to define strict_client_domain?

see also my suggestion which doesn't use restriction classes.

> /etc/postfix/strict_client_map:
>     yahoo.com <http://yahoo.com> OK
>     hotmail.com <http://hotmail.com> OK
>     friendly.com <http://friendly.com> OK
> friendly.com <http://friendly.com> is a host that sends/forwards
> legitimate mail
> with a hotmail etc. sender address.
> 
> While we're improving, the following rules as posted would cause
> mail from hotmail etc. to be bounced when the DNS times out.
> This fixes it: do client hostname access control only when the
> name lookup produced a definite (exists / doesn't exist) result.
>     strict_client_domain =
>         reject_unknown_client
>         check_client_access hash:/etc/postfix/strict_client_map
>         reject
>     unknown_client_reject_code = 554
>         Wietse
> 
> after i incorporated this into my main.cf <http://main.cf> i started
> getting the following (to postmaster):
> 
> mailer-dae...@relay1.xxx.xx (Mail Delivery System) Add Address to Contacts
> To:    postmas...@xxx.xx (Postmaster)
> Date:    24/01/2009 04:38 PM
> Subject:    Postfix SMTP server: errors from d60-143.icpnet.pl
> <http://d60-143.icpnet.pl>[77.65.60.143]
> 
> Transcript of session follows.
> 
>  Out: 220 relay1.xxx.xx ESMTP Postfix
>  In:  HELO d60-143.icpnet.pl <http://d60-143.icpnet.pl>
>  Out: 250 relay1.xxx.xx
>  In:  MAIL FROM:<mi...@advpayroll.com <mailto:mi...@advpayroll.com>>
>  Out: 250 2.1.0 Ok
>  In:  RCPT TO:<bi...@xxx.xx>
>  Out: 451 4.3.5 Server configuration error
> 
> Session aborted, reason: lost connection
> 
> i get several messages like this;  what can be this?
>

Re: strict domains

Reply via email to