Alex a écrit : > Hi, > >> smtpd_recipient_restrictions = >> reject_non_fqdn_sender >> reject_non_fqdn_recipient >> permit_mynetworks >> #permit_sasl_authenticated >> reject_unauth_destination >> # >> reject_invalid_hostname >> reject_non_fqdn_hostname >> reject_unknown_sender_domain >> # >> check_client_access hash:/etc/postfix/client_checks >> check_recipient_access pcre:/etc/postfix/relay_recips_checks >> check_helo_access hash:/etc/postfix/helo_checks >> check_sender_access hash:/etc/postfix/sender_checks >> check_sender_access hash:/etc/postfix/disallow_my_domain >> check_recipient_access pcre:/etc/postfix/recipient_checks >> # >> reject_rbl_client zen.spamhaus.org > > How about pop-before-smtp? Would I add the check_client_access > immediately after permit_mynetworks above? >
yes. but it is worth investing your time to implement SASL instead. if you use pop before smtp, use a dedicated file and use it before reject_unauth_destination (so that they can relay). > Will this configuration above prevent DSL or cable users without > reverse, only forward DNS from being accepted? I keep receiving the > following: > > Nov 1 15:34:42 smtp01 postfix/smtpd[28620]: warning: 67.142.235.122: > hostname host6714200122235.direcway.com verification failed: Host not > found > this is only informational. > The IP is in the popb4smtp db, but they still receive a relaying denied > message: > > Nov 1 14:32:44 smtp01 postfix/smtpd[23790]: reject: RCPT from > unknown[67.142.235.122]: 554 <j...@mydomain.com>: Relay access denied; > from=<joe3...@inside.mydomain.com> to=<j...@mydomain.com> > make sure the pop4smtp check comes before reject_unauth_destination. if this is the case and you still see "Relay access denied", check that the IP of the client is in the map at the time of the check. and of course, the map should return OK for the IP.
