Stan Hoeppner wrote:
vtzan put forth on 12/11/2009 5:46 AM:
thanks for your fast reply. But that was my PLAN B ;-)
any idea for PLAN A?
thanks alot
Bill
Hay Bill,
First off, please keep all replies on the postfix-users list. 2nd, send
your 'postconf -n' output and the relevant contents of
/etc/postfix/access. 3rd, it might be tricky doing what you are asking
because, if I understand you correctly, the IP you want to block with
smtpd is within mynetworks.
--
Stan
Hello Stan,
1.sorry forgot to "reply-all".
Yes this that is true, the IP i want to block is withing $mynetworks. ;-)
here is the postconf -n (XXXX was replaced for obvious reasons.)
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
default_destination_concurrency_limit = 50
default_process_limit = 200
disable_vrfy_command = no
html_directory = /usr/share/doc/postfix-2.5.4-documentation/html
inet_interfaces = all
local_destination_concurrency_limit = 50
local_recipient_maps = $alias_maps unix:passwd.byname $virtual_mailbox_maps
mail_owner = postfix
mailbox_size_limit = 0
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain,
$transport_maps
mydomain = XXXX.gr
myhostname = mail.XXXX.gr
mynetworks = 1X0.1X0.0.0/16, 127.0.0.0/8
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.5.4-documentation/readme
recipient_bcc_maps = hash:/etc/postfix/recipient_bcc
recipient_delimiter = +
relayhost = [XXXX.XXXX.gr]
relocated_maps = hash:/etc/postfix/relocated
sample_directory = /usr/share/doc/postfix-2.3.3/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_banner = $myhostname mail.XXXX.gr
smtpd_client_connection_count_limit = 50
smtpd_client_restrictions =
permit_mynetworks, permit_sasl_authenticated
smtpd_delay_reject = yes
smtpd_hard_error_limit = ${stress?1}${stress:20}
smtpd_helo_required = no
smtpd_helo_restrictions = warn_if_reject,
reject_invalid_helo_hostname,
warn_if_reject,
reject_non_fqdn_helo_hostname,
warn_if_reject, reject_unknown_helo_hostname
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
check_relay_domains
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_path = smtpd
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = cyrus
smtpd_sender_login_maps = $virtual_alias_maps
smtpd_sender_restrictions = permit_mynetworks,
permit_sasl_authenticated,
reject_unknown_sender_domain,
warn_if_reject,
reject_sender_login_mismatch,
warn_if_reject, reject_unauthenticated_sender_login_mismatch
smtpd_timeout = ${stress?10}${stress:300}
smtpd_tls_CAfile = /etc/postfix/certs/ipsCA.pem
smtpd_tls_cert_file = /etc/postfix/certs/mail.pem
smtpd_tls_key_file = /etc/postfix/certs/mail.key
smtpd_tls_loglevel = 1
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_scache
transport_maps = hash:/etc/postfix/transport
virtual_alias_maps = hash:/etc/postfix/virtual,
proxy:ldap:/etc/postfix/ldap/ldapmailfwonly.cf,
proxy:ldap:/etc/postfix/ldap/ldapalias.cf
virtual_gid_maps = static:102
virtual_mailbox_base = /
virtual_mailbox_limit = 0
virtual_mailbox_maps = proxy:ldap:/etc/postfix/ldap/ldapaccounts.cf
virtual_minimum_uid = 100
virtual_uid_maps = static:103
thanks in advance
for your help.
Bill
