Re: Selective smtpd_helo_restrictions question

Thu, 26 Aug 2010 14:06:07 -0700 

On 8/22/2010 11:42 AM, p...@alt-ctrl-del.org wrote:

On Sunday, August 22, 2010 at 16:01 CEST,
p...@alt-ctrl-del.org wrote:



Reading RESTRICTION_CLASS_README confused me as to whether
adding a Restriction (or a defined smtpd_restriction_classes
group), to the right side of an access table, would be done in
Addition-To or In-Place-Of the already existing
smtpd_helo/client/recipient/sender_restrictions.


On 8/22/2010 3:09 PM, Noel Jones wrote:
Think of a restriction class as a single restriction.  If
there is no match for the whole class (or DUNNO), control
returns to the next restriction you've defined; OK skips to
the next smtpd_*_restrictions section; REJECT will reject the
mail.



What i'm getting out of the responses so far is: If there's
not an OK or PERMIT in my additional restriction or class
group, all of the existing
smtpd_helo/client/recipient/sender_restrictions will still be
applied.
Right?


On 8/22/2010 3:09 PM, Noel Jones wrote:
An OK or PERMIT in smtpd_helo_restrictions only skips
additional smtpd_helo_restrictions.

Postfix will always continue on to smtpd_sender_restrictions.
 If smtpd_sender_restrictions result in no match or OK,
postfix continues to smtpd_recipient_restrictions.  And so on
for data and end-of-data.

If there is a REJECT anywhere in the sequence, the mail is
rejected as soon as postfix evaluates that rule.
Is there a command line tool to test this stuff? Something that would step through the smtpd_*_restrictions or user defined restriction classes, and show the chain of execution and each restriction that is hit.
Let's say I have the following, where file1 file2 file3 have various OK, DUNNO, and REJECT lines. 
smtpd_restriction_classes = my_restriction_class
my_restriction_class = check_recipient_access /etc/file1, check_recipient_access /etc/file2, check_recipient_access /etc/file3 

I know that I can use postmap -q against an individual access table.

But I'm asking about something like:
postzzz -q (string or file) my_restriction_class
Where postzzz would output where/if/which restriction in my_restriction_class was hit (if any).

Reply via email to