On Mon, Aug 8, 2011 at 8:54 PM, /dev/rob0 <r...@gmx.co.uk> wrote: > On Mon, Aug 08, 2011 at 04:46:13PM -0700, Christopher Adams wrote: > [snip] >> readme_directory = /usr/share/doc/postfix-2.0.16/README_FILES > > If this is really 2.0.16, you should consider upgrading! Postfix 2.4 > has been EOL'ed as of March. 2.8 is current as of January.
I am running 2.5.1 > >> 3) Logs >> >> This is a mailman subscribe.log that shows a subscription being >> approved by a mail administrator >> >> Aug 08 09:24:50 2011 (21056) lhdaccreditation: new >> albina.rit...@apotmail.com, via admin approval > > That's tangential to the Postfix issue, but since it really appears > to be a Mailman issue, you need to look at why your list manager is > approving subscribers that you do not want to have on the list! List managers choose to approve whoever they want. They are ignorant. > >> This is from the maillog that shows the message for the pending >> subscription request being sent back to the sender. >> >> Aug 8 09:24:52 swiki postfix/smtp[20686]: 2B075199855F: >> to=<albina.rit...@apotmail.com>, > > The "to=" is the recipient address. Sounds like Mailman was the > sender. Your check_sender_access solution was looking at the sender > address, not the recipient address. Interestingly, the maillog has no entries with 'From: *.apotmail.com'. I would have sent that if I found it. How is that possible? > > The proper solution to this problem would be in Mailman list owner > configuration, ban_list : > http://list.org/mailman-admin/node21.html > >> relay=mail.apotmail.com[209.190.19.68]:25, delay=0.9, >> delays=0.01/0/0.75/0.14, dsn=2.0.0, status=sent (250 OK >> id=1QqTB1-0005jv-1K) > > I'm sure your check_sender_access is working fine; if for example > this new subscriber tried to post to the list, that mail would be > rejected. > > You could, but probably should not, place check_recipient_access > lookups in front of Mailman's submission. Ask the Mailman folks; I > don't think Mailman will be very happy with that. It is relatively easy to address it from a Mailman perspective. I have a script that can create a ban of any domain on all lists. However, I thought that I could just use Postfix to ban any mail from that domain entering the system. > Please review Ansgar's instructions: > >> > To show evidence. Please post >> > >> > a) output of "postconf -n" >> > b) output of "postmap -q apotmail.org hash:/etc/postfix/sender_access" >> > c) a log excerpt demonstrating the issue (from submission to delivery of >> > the mail in question) > > The single smtp(8) log line you shared does not include the sender > address, so it was not adequate. I'm just guessing based on other > information you provided. You should show the ENTIRE non-verbose > logging of a message from when it enters Postfix until final > disposition thereof. > -- > Offlist mail to this address is discarded unless > "/dev/rob0" or "not-spam" is in Subject: header > I am still interested in knowing how to do this in Postfix, thought my problem is temporarily solved. I can run a cron for the script to update new lists. Thanks, everyone, for your input. -- Christopher Adams adam...@gmail.com
