On Monday, July 27, 2009 at 10:56 CEST,
Zbyszek <zbi...@o2.pl> wrote:
> I googled everywhere, read how-tos but can not find solution for
> simple problem in postfix:
> I would like to have such config:
> - smtp 25/tcp; only server-server communication, only
> mail receive for local domain, no relay, no send, encryption optional,
> SPF, blocking 'servers' having ppp, adsl , dialup in domain name. No
> auth because real remote servers always do not know credentials.
> - submission 587/tcp;only send; encryption required; client->server
> - smtps SSL 465/tcp;only send; encryption required; client->server
> My problem is:
> I do not know how to:
> -make postfix only receive mail on port 25 only for local domain.
smtpd_recipient_restrictions = reject_unauth_destination
> -block incoming mail from domains containing ppp, dialup or adsl
> string in domain name.
I don't think that's a terribly good idea, but anyway:
main.cf:
smtpd_client_restrictions = check_client_access pcre:/path/to/file
/path/to/file:
/(ppp|dialup|adsl)/ REJECT
You can move the check_client_access restriction to any other
smtpd_xxx_restrictions if you want. You probably want to implement a
stricter regexp to avoid collateral damage. Stricter expressions have
been posted here in the past. Finally, this assumes that your Postfix
has PCRE support. If not, replace `pcre' with `regexp'.
--
Magnus Bäck
mag...@dsek.lth.se
