On 11/17/2011 12:13 AM, Dilip Mishra // Viva wrote: > Hello Group, > > I want to implement some restrictions on postfix by which it would > reject domains without mx records, as well as those specified in > access table. These are some domains to I do not want to send mails > at all. My problem is that, this setting does not work at all, since > the sending IPs are specified in mynetworks. The moment I change the > order of the parameters, it starts to reject all mails from all the > IPs. Please help me to set the correct order of the parameters in > main.cf <http://main.cf>: > > *smtpd_recipient_restrictions* = permit_mynetworks, > permit_sasl_authenticated, permit_inet_interfaces, > *check_recipient_access hash:/etc/postfix/access*, > reject_unauth_destination, reject_rbl_client list.dsbl.org > <http://list.dsbl.org/>, reject_rbl_client bl.spamcop.net > <http://bl.spamcop.net/>, reject_rbl_client sbl-xbl.spamhaus.org > <http://sbl-xbl.spamhaus.org/>, > reject_rhsbl_sender dsn.rfc-ignorant.org > <http://dsn.rfc-ignorant.org/>, check_relay_domains > > Dilip
Put restrictions that you want applied to all clients in smtpd_sender_restrictions, including your check_recipient_access table. Review your RBL list once in a while. list.dsbl.org is no longer operating, most sites should use zen.spamhaus.org rather than sbl-xbl, and the rfc-ignorant lists are intended for a scoring system rather than SMTP rejects. Remove the deprecated check_relay_domains parameter. Finally, if your configuration isn't working as expected, you need to show us the non-working config and postfix logs. If you need more help, please see http://www.postfix.org/DEBUG_README.html#mail -- Noel Jones
