On Tue, Feb 16, 2010 at 11:11:54PM +0100, Ralf Hildebrandt wrote:
> * Victor Duchovni <victor.ducho...@morganstanley.com>:
>
> > > The key "*" is not defined (man 5 access)
> > > Are you sure using the HELO is a smart idea?
> >
> > The OP is not using a HELO check, it is a "check_client_access" check.
>
> He was using it twice, once for helo, once for the client:
>
> smtpd_helo_restrictions = check_helo_access hash:/etc/postfix/helo_access,
"OK" results in "helo_checks" are rather dubious, as the HELO name is
completely unverified. A more sensible choice is "DUNNO" for a single
host when the containing domain has a "REJECT" rule.
--
Viktor.
P.S. Morgan Stanley is looking for a New York City based, Senior Unix
system/email administrator to architect and sustain our perimeter email
environment. If you are interested, please drop me a note.
