Hi, I would like to allow mail from a known e-mail address say a...@example.com with an attachment say X to a user in my domain say u...@kenkob.co.ke ,but at the same time reject another e-mail from an e-mail address different from a...@example.com to u...@kenkob.co.ke with attachment X.
How do I implement this using header-checks? The contents of postconf -n is as below. ./postconf -n alias_database = hash:/opt/insight/etc/mail/aliases alias_maps = hash:/opt/insight/etc/mail/aliases allow_percent_hack = yes bounce_size_limit = 50000 command_directory = /opt/insight/sbin config_directory = /opt/insight/etc/postfix daemon_directory = /opt/insight/libexec debug_peer_level = 2 default_destination_concurrency_limit = 20 default_process_limit = 10 delay_warning_time = 0h disable_dns_lookups = no disable_mime_input_processing = no disable_mime_output_conversion = no disable_vrfy_command = yes error_notice_recipient = skche...@kenkob.co.ke header_checks = pcre:/opt/insight/etc/header-checks header_size_limit = 102400 hopcount_limit = 50 ignore_mx_lookup_error = yes initial_destination_concurrency = 2 local_destination_concurrency_limit = 5 local_recipient_maps = $alias_maps ldap:ldapsource mail_owner = postfix mailbox_transport = lmtp:unix:/opt/insight/var/imap/socket/lmtp max_idle = 100s max_use = 100 maximal_queue_lifetime = 5d message_size_limit = 20971520 mime_boundary_length_limit = 2048 mime_nesting_limit = 20 mydestination = $myhostname,$mydomain mydomain = kenkob.co.ke myhostname = kenkob.kenkob.co.ke mynetworks = 127.0.0.1,192.168.151.1,195.202.88.145,192.168.51.6,192.168.151.10,192.168.5 4.6,192.168.52.6,192.168.153.6,192.168.55.6 ,192.168.51.0/24,192.168.52.0/24,192.168.53.0/24,192.168.54.0/24,192.168.55. 0/24,192.168.153.0/24,192.168.154.0/24,192.168.155.0/24, 192.168.156.0/24,192.168.158.0/24,192.168.1.50 myorigin = $mydomain queue_directory = /opt/insight/var/spool/postfix queue_minfree = 0 relay_domains = $mydestination, $mydomain,192.168.151.10,192.168.51.6,192.168.153.6,192.168.52.6,192.168.53. 6,192.168.54.6,192.168.5 5.6,192.168.151.2,192.168.151.20,192.168.151.21 smtp_connect_timeout = 5s smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) smtpd_client_restrictions = permit_sasl_authenticated, permit_mynetworks smtpd_delay_reject = yes smtpd_enforce_tls = no smtpd_helo_required = yes smtpd_helo_restrictions = permit_mynetworks,warn_if_reject,reject_non_fqdn_hostname,reject_invalid_hos tname,permit smtpd_recipient_restrictions = reject_unauth_pipelining,warn_if_reject,reject_non_fqdn_recipient,permit_myn etworks,reject_unknown_re cipient_domain,check_sender_access ldap:ldapSenderAccess,ldap:ldapRecipientAccess,check_recipient_access hash:/opt/insight/etc/recep ient-access,permit_sasl_authenticated,reject_unauth_destination,reject_rbl_c lient bl.spamcop.net,permit smtpd_restriction_classes = local_sender_only, local_recipient_only smtpd_sasl_auth_enable = yes smtpd_sender_restrictions = permit_sasl_authenticated,check_sender_access hash:/opt/insight/etc/sender-access,warn_if_reject,permit_ mynetworks,reject_non_fqdn_sender,reject_unknown_sender_domain,permit smtpd_starttls_timeout = 300s smtpd_timeout = 300s smtpd_tls_CAfile = /opt/insight/etc/ssl/server.pem smtpd_tls_auth_only = no smtpd_tls_cert_file = /opt/insight/etc/ssl/server.pem smtpd_tls_cipherlist = DEFAULT smtpd_tls_key_file = /opt/insight/etc/ssl/server.pem smtpd_use_tls = yes strict_8bitmime = no strict_rfc821_envelopes = yes transport_retry_time = 60s Will appreciate any assistance. Thank you, Stephen
