On 2012-01-18 11:36 AM, Jon August <jonaug...@gmail.com> wrote:
Hi,
We have a postfix machine setup as described here:
http://www.howtoforge.com/virtual-users-and-domains-with-postfix-courier-mysql-and-squirrelmail-ubuntu-11.10
and we would like to use a third party to do our spam filtering. So,
we'd like to continue using the machine for authenticated outbound mail,
but we want to limit the inbound mail to the third party mail server.
How do we configure postfix to do this?
Outbound:
--------------
ANY IP (authenticated) -> Postfix -> The World! (OK)
Inbound:
------------
A.B.C.D -> Postfix (OK)
Anything else -> Postfix (DENIED)
I do this with a simple cidr file:
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated, reject_unauth_destination,
check_client_access ${cidr}/allowed_clients.cidr, etc
where allowed_clients contains something like:
# allowed IP blocks, with subsequent checks
#
# to disallow subsequent checks, use permit_auth_destination instead of
# dunno
#
# webroot netblocks
208.87.136.0/23 dunno
203.100.58.0/24 dunno
194.116.198.0/23 dunno
#
# now we reject all clients not matching anything above
#
0.0.0.0/0 reject unauthorized client, please use our MX
Obviously substitute the appropriate netblocks for your providers
We also relay all outbound mail through our provider as well for
outbound spam filtering - set relayhost and smtp_fallback_relay (if
needed - we use our ISP for the fallback relay) settings for this...
--
Best regards,
Charles
