Noel Jones a écrit :
Denis BUCHER wrote:
Hello,
I have a server with different domains on it. Some domains should only
receive emails from specific IP adresses (SPAM filtering) while other
domains should accept emails from all domains.
How could I implement this ?
I suppose I have to do a hash with the specific IPs, and add this hash
as filter for the domains that should be filtered ?
Is this correct, and could someone point me to how it should be done ?
Thanks a lot in advance,
Denis
Here's the documentation on how to do something like this:
http://www.postfix.org/RESTRICTION_CLASS_README.html
A brief example:
#main.cf
smtpd_delay_reject = yes
(this is the default; required for this example)
smtpd_restriction_classes = from_spamfilter_only
from_spamfilter_only =
check_client_access cidr:/etc/postfix/from_spamfilter.cidr
smtpd_client_restrictions =
check_recipient_access hash:/etc/postfix/filtered_domains
# filtered_domains table
# postmap this table after edits!
example.com from_spamfilter_only
other.example.org from_spamfilter_only
# from_spamfilter cidr table
# postmap not necessary.
10.1.1.0/27 OK
192.168.100.127 OK
# next line rejects any unauthorized clients
0.0.0.0/0 REJECT you must use our MX host
-- Noel Jones
Denis BUCHER wrote:
> Hello,
>
> I forgot to add an important point :
>
> * Users that use their login and password (authentified
SMTP) are of
> course allowed to send from anywhere to anywhere...
Is this
> compatible with the proposed config ?
>
>
> Thanks a lot
>
> Denis
>
Yes, that's an easy and common setup.
Rather than using smtpd_client_restrictions, we'll use
smtpd_recipient_restrictions. The rest of the config is as
the example above.
# main.cf
smtpd_recipient_restrictions =
permit_sasl_authenticated
permit_mynetworks
reject_unauth_destination
check_recipient_access hash:/etc/postfix/filtered_domains
-- Noel Jones
