The intended purpose of this server is to receive email for a number of domains, filter for SPAM and than send the clean email onto our clients mail servers. In this circumstance, do you still feel that I should remove the "permit_auth_destination" option?
My configuration is as follows: alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix debug_peer_level = 2 html_directory = no mail_owner = postfix mail_spool_directory = /var/spool/mail mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man message_size_limit = 51200000 mydestination = myhostname = spam01.nicanada.com mynetworks = 172.23.23.0/24 172.23.25.0/24 127.0.0.0/8 mynetworks_style = host myorigin = $myhostname newaliases_path = /usr/bin/newaliases.postfix queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES relay_domains = hash:/etc/postfix/relay_domains sample_directory = /usr/share/doc/postfix-2.3.3/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtpd_recipient_restrictions = reject_non_fqdn_sender, reject_unknown_recipient_domain, reject_unauth_pipelining, reject_non_fqdn_recipient, reject_rbl_client sbl.spamhaus.org, reject_rbl_client xbl.spamhaus.org, permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, permit_auth_destination, permit transport_maps = hash:/etc/postfix/transport Kaleb -----Original Message----- From: owner-postfix-us...@postfix.org [mailto:owner-postfix-us...@postfix.org] On Behalf Of Noel Jones Sent: Thursday, September 29, 2011 2:46 PM To: postfix-users@postfix.org Subject: Re: Rejecting Email by using RBL's On 9/29/2011 1:39 PM, Kaleb Hosie wrote: > This seems like it should be a simple task but for some reason Postfix isn't > rejecting email by using RBL lookups. > > Here is my smtpd configuration: > > smtpd_recipient_restrictions = > reject_non_fqdn_sender, > reject_unknown_recipient_domain, > reject_unauth_pipelining, > reject_non_fqdn_recipient, > reject_rbl_client sbl.spamhaus.org, > reject_rbl_client xbl.spamhaus.org, > permit_sasl_authenticated, > permit_mynetworks, > reject_unauth_destination, > permit_auth_destination, > permit > > Can anyone see the reason why RBL lookups aren't happening? Please show "postconf -n" output rather than main.cf snips. As a general rule, your restrictions should look like: permit_sasl_authenticated permit_mynetworks reject_unauth_destination ... built-in restrictions ... rbl's and don't use permit_auth_destination -- Noel Jones
