on 02/02/2011 03:56 PM /dev/rob0 wrote the following: > On Wed, Feb 02, 2011 at 12:49:49PM +0100, Ralf Hildebrandt wrote: >> * Ralf Hildebrandt <ralf.hildebra...@charite.de>: >> >> The resulting set of restrictions after cleaning up: > > And I'll throw in some nitpicks ... > >>>> smtpd_helo_required = yes >> >>>> smtpd_helo_restrictions = > > This being the default, the whole thing can be left out of main.cf > altogether. > >>>> smtpd_client_restrictions = >>>> hash:/etc/postfix/client_restrictions, > > This would be more properly stated as: > smtpd_client_restrictions = check_client_access > hash:/etc/postfix/client_restrictions > The OP was using the (undocumented?) default behavior of the implied > check_mumble_access lookup in smtpd_mumble_restrictions. Probably > best to be explicit and say that this is a client lookup. > >>>> disable_vrfy_command = yes >> >>>> smtpd_recipient_restrictions = >>>> reject_invalid_hostname, >>>> reject_non_fqdn_hostname, >>>> reject_non_fqdn_sender, >>>> reject_non_fqdn_recipient, >>>> reject_unknown_sender_domain, >>>> reject_unknown_recipient_domain, >>>> reject_unknown_client, >>>> reject_unknown_hostname, >>>> permit_mynetworks, >>>> reject_unauth_destination, >>>> check_recipient_access pcre:/etc/postfix/recipient_checks.pcre, >>>> check_helo_access hash:/etc/postfix/helo_checks, >>>> check_sender_access hash:/etc/postfix/sender_checks, >>>> check_client_access hash:/etc/postfix/client_checks, >>>> check_client_access pcre:/etc/postfix/client_checks.pcre, >>>> reject_rbl_client zen.spamhaus.org, >>>> permit >>>> >>>> smtpd_data_restrictions = >>>> reject_unauth_pipelining, >>>> permit
With that setup, if I wanted to accept mail from a specific Internet IP, which would otherwise be filtered out, how would I do it?
