On 9/7/2009 7:07 AM, Pascal Maes wrote:
Hello
Sometimes, our users are sending message to a lot of people (from our
domain) without using a mailing list.
As the SMTP server is the same to send and receive messages, if there is
an error in the list of addresses, the mail is rejected.
I hope that with the rules in the following order, the users who are
authentified could send the mail even if one of the recipient are not
valid but it doesn't seem to work :
# Restrictions sur l'expediteur et le destinataire
smtpd_recipient_restrictions =
reject_non_fqdn_recipient
reject_non_fqdn_sender
check_recipient_access hash:/etc/postfix/rules/ucllouvain
check_recipient_access hash:/etc/postfix/rules/invalid
check_recipient_access hash:/etc/postfix/rules/phishing_reply_adresses
permit_sasl_authenticated
reject_unlisted_recipient
permit_mynetworks
reject_unknown_recipient_domain
reject_unauth_destination
reject_multi_recipient_bounce
check_recipient_access hash:/etc/postfix/rules/roleaccount_exceptions
check_client_access cidr:/etc/postfix/rules/hi-med-dnswl-header
check_client_access cidr:/etc/postfix/rules/hi-med-dnswl-permit
check_sender_access hash:/etc/postfix/rules/sender_whitelist
check_client_access hash:/etc/postfix/rules/client_whitelist
check_sender_access pcre:/etc/postfix/rules/pcre_sender_whitelist
check_recipient_access hash:/etc/postfix/rules/recipient_whitelist
reject_rbl_client zen.dnsbl
reject_rbl_client sip.invaluement.dnsbl
reject_rbl_client bl.spamcop.net
reject_rbl_client safe.dnsbl.sorbs.net
permit_auth_destination
reject
The order rules are :
smtpd_helo_restrictions =
check_client_access hash:/etc/postfix/rules/access
check_recipient_access pcre:/etc/postfix/rules/listes_client_access
permit_mynetworks
permit_sasl_authenticated
reject_invalid_hostname
check_client_access hash:/etc/postfix/rules/helo_whitelist
check_recipient_access hash:/etc/postfix/rules/roleaccount_exceptions
reject_non_fqdn_hostname
check_client_access hash:/etc/postfix/files_access/spammers
check_helo_access pcre:/etc/postfix/rules/helo_checks
check_sender_mx_access cidr:/etc/postfix/rules/bogus_mx_checks
permit
smtpd_sender_restrictions =
check_recipient_access pcre:/etc/postfix/rules/listes_sender_access
check_client_access hash:/etc/postfix/rules/squirrel_ip
permit_sasl_authenticated
permit_mynetworks
reject_unknown_recipient_domain
check_sender_access hash:/etc/postfix/rules/stluc
check_sender_access hash:/etc/postfix/rules/access
check_client_access hash:/etc/postfix/rules/access
reject_unknown_sender_domain
In the logfile, I have :
Sep 7 11:38:13 smtp-3 postfix/smtpd[23156]: connect from
Ulysse.elec.ucl.ac.be[130.104.236.7]
Sep 7 11:38:13 smtp-3 postfix/smtpd[23156]: setting up TLS connection
from Ulysse.elec.ucl.ac.be[130.104.236.7]
Sep 7 11:38:13 smtp-3 postfix/smtpd[23156]: Anonymous TLS connection
established from Ulysse.elec.ucl.ac.be[130.104.236.7]: TLSv1 with cipher
AES128-SHA (128/128 bits)
Sep 7 11:38:13 smtp-3 postfix/smtpd[23156]: NOQUEUE: reject: RCPT from
Ulysse.elec.ucl.ac.be[130.104.236.7]: 550 5.1.1
<cat.franc...@uclouvain.be>: Recipient address rejected: User unknown,
see http://www.uclouvain.be/repertoires.html;
from=<pascal.m...@uclouvain.be> to=<cat.franc...@uclouvain.be>
proto=ESMTP helo=<Ulysse.elec.ucl.ac.be>
Is it possible to force postfix to accept the mail and then resend an
error message ?
Thanks
This user did not authenticate. Maybe you also need to move
permit_mynetworks above reject_unlisted_recipient.
-- Noel Jones
