--- On Tue, 2/21/12, Noel Jones <njo...@megan.vbhcs.org> wrote:
> From: Noel Jones <njo...@megan.vbhcs.org> > Subject: Re: check_sender_access only for "outbound" mails e.g. those that > are in mynetworks > something like: > > # /etc/postfix/mynetworks.cidr > 127.0.0.0/8 OK {or check_local_sender depending on > what you want} > 192.168.0.0/16 check_local_sender > > # main.cf > mynetworks = cidr:/etc/postfix/mynetworks.cidr > > smtpd_restriction_classes = check_local_sender > > check_local_sender = check_sender_access ldap:whatever, > reject > > smtpd_sender_restrictions = > check_client_access > cidr:/etc/postfix/mynetworks.cidr > > (no changes to smtpd_recipient_restrictions needed) But with check_local_sender and the final action "reject" wouldnt this also be executed for inbound mails? And since i cannot simply specify ALL unknown IP addresses in mynetworks to say "OK" - this would basically reject all inbound messages. As far as i understood, for non-mynetwork IP addresses the check_sender_access would return nothing (but it would need to return OK) - hence the final action "reject" is executed now.