On Fri, Nov 26, 2010 at 09:35:06AM +0100, Mauro wrote:
> On 25 November 2010 14:11, /dev/rob0 <r...@gmx.co.uk> wrote:
> > On Thu, Nov 25, 2010 at 01:54:49PM +0100, Mauro wrote:
> >> I have a file: recipient_checks with mym...@example.com REJECT
> >> and the corresponding hashed recipient_checks.db.
> >> In main.cf I have:
> >> smtpd_recipient_restrictions =
> >> ......
> >> ......
> >
> > The elided lines might have been significant.
Given the lack of LOGS in the OP and your reply, this remains as the
dominant theory.
> >> check_recipient_access hash:/etc/postfix/maps/recipient_checks
> >>
> >> The transport is: virtual_transport = dovecot.
> >
> > That might not have been significant.
> >
> >> When I send to mym...@example.com it doesn't rejected.
> >> What I have missed?
> >
> > You missed the list welcome message or DEBUG_README.html#mail
> > which would have told you to include relevant logs plus "postconf
> > -n". Without that, there is no way to guess what happened.
>
> Here is postconf -n:
Without the LOGS we cannot be sure, but some reasonable guesses are
now possible.
snip
> smtpd_recipient_restrictions =
> check_client_access hash:/etc/postfix/maps/internal_networks,
This potentially dangerous restriction might contain permit actions.
See SMTPD_ACCESS_README.html#danger for the danger. (In case you
wondered, this and the previously-mentioned DEBUG_README.html#mail
can be found at www.postfix.org and in your own html_directory.)
> reject_non_fqdn_sender,
> reject_non_fqdn_recipient,
> permit_mynetworks,
A test from within mynetworks is not going to trigger any restriction
past this point.
Note that mynetworks is not set in your postconf -n, therefore it is
at the default. See BASIC_CONFIGURATION_README.html#relay_from and
postconf.5.html#mynetworks (linked therefrom) to understand what the
default is.
> reject_unauth_destination,
> reject_invalid_hostname,
> reject_non_fqdn_hostname,
> reject_unknown_sender_domain,
> check_sender_access hash:/etc/postfix/maps/sender_checks,
> check_helo_access hash:/etc/postfix/maps/helo_checks,
These restrictions might contain permit actions. (These are not
potentially dangerous; being after reject_unauth_destination, they
cannot be used to allow relaying.)
> check_recipient_access hash:/etc/postfix/maps/recipient_checks,
snip
> I think it's all ok but check_recipient_access
> hash:/etc/postfix/maps/recipient_checks seems doesn't work.
One final guess is that you might have wrongly expected submission
via sendmail(1) to have been subject to smtpd(8)'s restrictions.
Since that is not passed via SMTP, restrictions are irrelevant.
What is the real-world goal here? Perhaps the better solution is
removal of the unwanted recipient from the address maps for its
class. See ADDRESS_CLASS_README.html for more.
--
Offlist mail to this address is discarded unless
"/dev/rob0" or "not-spam" is in Subject: header
