On 7/14/2011 4:32 PM, Robert Schmid wrote: > My apologies if this has been asked and answered. I set my postfix server up > several years ago and haven't looked at it since. Now I am a bit confused > about it. > > I host several domains and I have a decent level of restrictions aimed > primarily at UCE. I have one domain that wants no blocked email, though. > They would rather get the spam. How can I configure postfix to check the > recipient domain first and allow all those mails through and THEN do all the > normal checks in the regular order which I understand to be client, helo, > sender, recipient, data, or end-of-data. So what I want is a check that goes > > recipient for one permissive domain > client > helo > sender > recipient AGAIN for the other domains > data > end-of data > > Is this just a matter of multiple lines for recipient restrictions in the > appropriate order in the file so that; > > smtpd_client_restrictions = permit_mynetworks reject_rbl_client > bl.spamcop.net reject_rbl_client sbl.spamhaus.org reject_rbl_client > xbl.spamhaus.org permit > > smtpd_Sender_restrictions = reject_unknown_sender_domain, > reject_non_fqdn_hostname, > > smtpd_recipient_restrictions = permit_sasl_authenticated, > permit_mynetworks, reject_unauth_destination, check_policy_service > inet:127.0.0.1:10023, permit > > smtpd_data_restrictions = reject_unauth_pipelining, permit > >
Put all your restrictions under smtpd_recipient_restrictions, whitelisting the spamlover before other restrictions. smtpd_client_restrictions = smtpd_sender_restrictions = (both above set empty, which is the default. or just remove them from main.cf) smtpd_recipient_restrictions = permit_sasl_authenticated permit_mynetworks reject_unauth_destination check_recipient_access hash:/etc/postfix/recipient_whitelist reject_unknown_sender_domain reject_non_fqdn_hostname reject_rbl-whatever foo check_policy_service whatever: -- Noel Jones
