On Sun, 2011-04-17 at 17:39:34 +0200, Reindl Harald wrote: > Am 17.04.2011 17:34, schrieb Sahil Tandon: > > On Sun, 2011-04-17 at 17:18:04 +0200, Reindl Harald wrote: > > > >> why is "reject_unlisted_sender" before "permit_mynetworks" ignored? > >> > >> Apr 17 17:16:41 arrakis postfix/smtpd[31521]: B244136033: > >> client=unknown[10.0.0.6] > >> Apr 17 17:16:41 arrakis postfix/cleanup[31524]: B244136033: > >> message-id=<d36654ef751260e1956332381f597...@www.rhsoft.net> > >> Apr 17 17:16:41 arrakis postfix/qmgr[31508]: B244136033: > >> from=<reindl.har...@gmail.com>, size=5272, nrcpt=1 (queue > >> active) > > > > Do you expect reject_unlisted_sender to act on 'reindl.har...@gmail.com' > > even though 'gmail.com' is not defined as one of your domains? > > exactly
Then the reject_unlisted_sender access restriction is the wrong tool, because it only acts on envelopes in which the sender domain is defined in one of your domain classes. > everybody on this machine should can use the machines ip-addr as > smtp-relay but only with domains listed on our main-server You could use check_sender_access to enforce specific sender domains. -- Sahil Tandon <sa...@freebsd.org>
