On 17 February 2010 20:07, Frank Bonnet <f.bon...@esiee.fr> wrote: > smtpd_recipient_restrictions = > reject_invalid_hostname, > reject_non_fqdn_sender, > reject_unknown_sender_domain, > reject_unknown_recipient_domain, > reject_unauth_pipelining, > permit_mynetworks, > reject_unauth_destination, > reject_unlisted_recipient, > check_policy_service inet:127.0.0.1:10023, > permit > > I wonder if it is possible to add exceptions to the reject_invalid_hostname > statement because two professors > need to receive some emails from few persons that haven't > well configured machines and don't have DNS access/knowledge.
This will depend on what you do/don't have control over. For the record, reject_invalid_hostname is a deprecated pre-Postfix 2.3 name, the new name for this is "reject_invalid_helo_hostname". It sounds like you want to whitelist the professors based on either HELO name (kind of unreliable and easily abused if someone finds out), or their IP address (could be troublesome if it's dynamic). http://www.postfix.org/postconf.5.html#check_client_access Basically, you'd insert an access-table lookup first in the list of restrictions and only apply reject_invalid_hostname if the sender isn't one of the professors. I don't guarantee that I've got this right, but it'd be something like this... smtpd_recipient_restrictions = check_client_access cidr:/etc/postfix/professors.cidr, reject_non_fqdn_sender, reject_unknown_sender_domain, etc... Where the contents of /etc/postfix/professors.cidr is: 1.2.3.4 DUNNO 1.2.4.10 DUNNO 0.0.0.0/0 reject_invalid_hostname This assumes that you're checking the source address. The DUNNO should skip the professors, and apply reject_invalid_hostname to everyone else. More on access tables here: http://www.postfix.org/access.5.html
