Hello,
any one can help me what is wrong with my restriction ?I use postfix 2.7.2
First i see my helo restriction is not showed with postconf -n, here is it:
alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
disable_vrfy_command = yes
html_directory = no
inet_interfaces = all
mail_owner = postfix
mailbox_size_limit = 0
message_size_limit = 30720000
myhostname = mail.mydomain.com
mynetworks = 46.40.123.212/32 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
proxy_read_maps = $local_recipient_maps $mydestionation
$virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps
$virtual_mailbox_domains $relay_recipient_maps $relay_domains
$canonical_maps $sender_canonical_maps $recipient_canonical_maps
$relocated_maps transport_maps $mynetworks $virtual_mailbox_limit_maps
queue_directory = /var/spool/postfix
readme_directory = no
receive_override_options = no_address_mappings
recipient_delimiter = +
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_helo_required = yes
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated, check_helo_access
hash:/etc/postfix/helo_checks, check_sender_access
hash:/etc/postfix/helo_checks, check_recipient_access
pcre:/etc/postfix/recipient_checks.pcre, reject_unauth_destination,
reject_invalid_hostname, reject_unauth_pipelining,
reject_non_fqdn_sender, reject_unknown_sender_domain,
reject_non_fqdn_recipient, reject_unknown_recipient_domain,
reject_unlisted_sender, reject_rhsbl_client blackhole.securitysage.com,
reject_rhsbl_sender blackhole.securitysage.com, reject_rbl_client
relays.ordb.org, reject_rbl_client blackholes.easynet.nl,
reject_rbl_client cbl.abuseat.org, reject_rbl_client
proxies.blackholes.wirehub.net, reject_rbl_client bl.spamcop.net,
reject_rbl_client sbl.spamhaus.org, reject_rbl_client opm.blitzed.org,
reject_rbl_client dnsbl.njabl.org, reject_rbl_client list.dsbl.org,
reject_rbl_client multihop.dsbl.org, reject_rbl_client pbl.spamhaus.org,
permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain =
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_tls_CAfile = /etc/postfix/ssl/mail.mydomain.com.pem
smtpd_tls_cert_file = /etc/postfix/ssl/mail.mydomain.com.crt
smtpd_tls_key_file = /etc/postfix/ssl/mail.mydomain.com.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
strict_rfc821_envelopes = yes
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql_virtual_alias_maps.cf,
proxy:mysql:/etc/postfix/mysql_virtual_alias_domain_maps.cf,
proxy:mysql:/etc/postfix/mysql_virtual_alias_domain_catchall_maps.cf
virtual_gid_maps = static:1005
virtual_mailbox_base = /var/spool/postmail
virtual_mailbox_domains =
proxy:mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_maps =
proxy:mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf,
proxy:mysql:/etc/postfix/mysql_virtual_alias_domain_mailbox_maps.cf
virtual_transport = dovecot
virtual_uid_maps = static:1004
but here is part of main.cf config file:
smtpd_helo_required = yes
smtpd_helo_restriction =
permit_mynetworks,
permit_sasl_authenticated,
reject_invalid_helo_hostname,
reject_unknown_helo_hostname,
reject_non_fqdn_helo_hostname,
permit
--
Regards,
Condor
