On 25.03.24 16:11, Daniel Marquez-Klaka via Postfix-users wrote:
I have a problem with check_sender_access that I can't find a solution
to.
My setup actually works very well with the exception of bounce handling.
More on that later, first to describe my setup:
2 postfix mail server, one, mail-server1, is connected to the
internet, the second,
calling it list-server1, which serves a few mailing lists, is only
reachable thru
mail-server1.
On mail-server1 a transport map entry sends everything for
@list-dom.de to list-server1,
list-server1 does his work and sends all back to mail-server1 which
then delivers to
the final destination.
On list-server1, to prevent the whole world sending mails, I have
installed a
check_sender_access map to accept a few allowed domains, reject
everything else.
---- 8< ----
smtpd_sender_restrictions = check_sender_access
regexp:/etc/postfix/config/access_sender,
reject
---- 8< ----
access_sender file:
---- 8< ----
/^([a-z0-9_=\.-]+)@dom1.de/ OK
/^([a-z0-9_=\.-]+)@dom2.de/ OK
/^([a-z0-9_=\.-]+)@dom3.de/ OK
are you trying to limit allowed characters for local part of address in
those domains?
I'd recommend simple hash map, containing "dom1.de", "dom2.de", "dom3.de"
- you need not (probably should not) to use regular expressions for
everything
---- 8< ----
All fine so far, but...
... bounces, as the are send with empty FROM (<>), as I understand to
prevent loops,
get rejected to. This is a problem because nobody will ever notice if
there are dead
emails in a list. Also, automatic bounce handling (I am using mailman3
on list-server1)
will never do anything.
---- 8< ----
<test-boun...@list-dom.de>: host 10.245.16.24[10.245.16.24] said: 554
5.7.1 <>:
Sender address rejected: Access denied (in reply to MAIL FROM
command)
---- 8< ----
add "<>" or whatever you have defined as smtpd_null_access_lookup_key as
another allowed sender.
http://www.postfix.org/postconf.5.html#smtpd_null_access_lookup_key
with 10.245.16.24 being list-server1
After all googleing and manual reading I have done, I can't find a
solution and hope someone
can point me into the right direction.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Linux IS user friendly, it's just selective who its friends are...
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
