--- On Tue, 2/21/12, Noel Jones <njo...@megan.vbhcs.org> wrote:

> From: Noel Jones <njo...@megan.vbhcs.org>
> Subject: Re: check_sender_access only for "outbound" mails e.g. those that 
> are in mynetworks

> something like:
> 
> # /etc/postfix/mynetworks.cidr
> 127.0.0.0/8  OK {or check_local_sender depending on
> what you want}
> 192.168.0.0/16 check_local_sender
> 
> # main.cf
> mynetworks = cidr:/etc/postfix/mynetworks.cidr
> 
> smtpd_restriction_classes = check_local_sender
> 
> check_local_sender = check_sender_access ldap:whatever,
> reject
> 
> smtpd_sender_restrictions =
>   check_client_access
> cidr:/etc/postfix/mynetworks.cidr
> 
> (no changes to smtpd_recipient_restrictions needed)

But with check_local_sender and the final action "reject" wouldnt this also be 
executed for inbound mails? And since i cannot simply specify ALL unknown IP 
addresses in mynetworks to say "OK" - this would basically reject all inbound 
messages.

As far as i understood, for non-mynetwork IP addresses the check_sender_access 
would return nothing (but it would need to return OK) - hence the final action 
"reject" is executed now.

Reply via email to